Data storage architecture for an enterprise communication system

ABSTRACT

Various embodiments are directed to group-based data storage systems configured for maintaining data exchanged between client devices within channel-specific shards each corresponding with one or more group-identifiers to provide group-based access to those channel-specific shards and for applying group-specific policies for data stored within those channel-specific shards. Membership of particular users within particular groups and within particular channels may be monitored such that access to particular channel shards may be controlled based on group-memberships of the users, and access to data stored within particular channel shards may be controlled based on channel-memberships of the users.

BACKGROUND

Systems have been provided for facilitating communications among aplurality of individuals via message exchange across client devicesconnected with a centralized messaging system.

Through applied effort, ingenuity, and innovation many deficiencies ofsuch systems have been solved by developing solutions that are inaccordance with the embodiments of the present invention, many examplesof which are described in detail herein.

BRIEF SUMMARY

Scalability of communication systems, particularly those communicationsystems specifically configured for facilitating communication betweenindividuals of a common enterprise, may be improved by managing variouscommunication channels within these sorts of communication systemsacross multiple hardware systems (e.g., servers, databases, and/or thelike). However, to maintain desired levels of security and to preventunauthorized access to communication channels, even in embodiments inwhich communication channels associated with entirely independententerprises are at least partially managed by common hardware devices,access to these communication channels are limited to particular usershaving access to an enterprise to which a particular communicationchannel is related.

Certain embodiments are directed to a group-based data storage systemaccessible by a plurality of client devices. In certain embodiments, thegroup-based data storage system comprises: a plurality of discretememory storage databases, wherein each of the plurality of discretememory storage databases are sharded into a plurality of data shardscomprising channel-specific shards, wherein each of the plurality ofchannel-specific shards have an associated channel identifier; and aremote computing platform correlating each channel identifier with oneor more group identifiers and controlling access to each of theplurality of channel-specific shards based at least in part on channelmembership and group membership by: receiving an access request from aclient device to access data stored on one or more channel-specificshards; determining channel membership and group membership for theclient device; providing the client device with access to data stored inone or more channel-specific shards having associated channelidentifiers and group identifiers matching the client device's channelmembership and group membership.

In certain embodiments, a first channel-specific shard of the pluralityof channel-specific shards has a plurality of corresponding groupidentifiers each associated with one of a plurality of groups; and theremote computing platform is configured to: provide access to channelsettings stored in the first channel-specific shard for client deviceshaving membership in at least one of the plurality of groups.

Moreover, the remote computing platform may be further configured to:receive a channel query from the client device; and provide the clientdevice with a listing of one or more channels matching the channel queryand stored within corresponding channel-specific shards having acorresponding group identifier matching the client device's groupmembership.

In certain embodiments, determining channel membership and groupmembership for the client device comprises: determining a useridentifier associated with the client device; querying a user-specificdatabase shard corresponding with the user identifier to identify one ormore channel identifiers and one or more group identifiers associatedwith the user identifier.

In various embodiments, the remote computing platform is furtherconfigured to provide a client device with access to data stored in aplurality of channel-specific shards having channel identifiers andgroup identifiers matching the client device's channel membership andgroup membership in real-time.

Moreover, the remote computing platform may be further configured toapply group-based policies to one or more channel-specific shards by:determining one or more group identifiers associated with thechannel-specific shard; querying group-specific database shardscorresponding to each of the one or more group identifiers associatedwith the channel-specific shard to identify one or more group-basedpolicies applicable to the channel-specific shards; and adjustingchannel settings stored within the channel-specific shard to comply withthe one or more group-based policies. In certain embodiments, thegroup-based policies comprise enterprise-based policies, and wherein:querying group-specific database shards comprises identifying one ormore enterprise identifiers associated with each of the group-specificdatabase shards; and adjusting channel settings comprises adjustingchannel settings stored within the channel-specific shard to comply withone or more enterprise-based policies associated with the one or moreenterprise identifiers.

Various embodiments are directed to a method for managing a group-basedstorage system accessible via a plurality of client devices, the methodcomprising: sharding a plurality of discrete memory storage databasesinto a plurality of data shards comprising channel-specific shards,wherein each of the plurality of channel-specific shards have anassociated channel identifier correlated with one or more groupidentifiers; and controlling access to each of the plurality ofchannel-specific shards by one or more client devices based at least inpart on channel membership and group membership by: receiving an accessrequest from a client device to access data stored on one or morechannel-specific shards; determining channel membership and groupmembership for the client device; providing the client device withaccess to data stored in one or more channel-specific shards havingassociated channel identifiers and group identifiers matching the clientdevice's channel membership and group membership.

In certain embodiments, a first channel-specific shard of the pluralityof channel-specific shards has a plurality of corresponding groupidentifiers each associated with one of a plurality of groups; and themethod may further comprise: providing access to channel settings storedin the first channel-specific shard for client devices having membershipin at least one of the plurality of groups.

In certain embodiments, the method further comprises: receiving achannel query from the client device; and providing the client devicewith a listing of one or more channels matching the channel query andstored within corresponding channel-specific shards having acorresponding group identifier matching the client device's groupmembership.

In certain embodiments, determining channel membership and groupmembership for the client device comprises: determining a useridentifier associated with the client device; and querying auser-specific database shard corresponding with the user identifier toidentify one or more channel identifiers and one or more groupidentifiers associated with the user identifier.

Moreover, the method may further comprise: providing a client devicewith access to data stored in a plurality of channel-specific shardshaving channel identifiers and group identifiers matching the clientdevice's channel membership and group membership in real-time.

In various embodiments, the method may further comprise: applyinggroup-based policies to one or more channel-specific shards by:determining one or more group identifiers associated with thechannel-specific shard; querying group-specific database shardscorresponding to each of the one or more group identifiers associatedwith the channel-specific shard to identify one or more group-basedpolicies applicable to the channel-specific shards; and adjustingchannel settings stored within the channel-specific shard to comply withthe one or more group-based policies. Moreover, the group-based policiescomprise enterprise-based policies, and wherein: querying group-specificdatabase shards may comprise identifying one or more enterpriseidentifiers associated with each of the group-specific database shards;and adjusting channel settings may comprise adjusting channel settingsstored within the channel-specific shard to comply with one or moreenterprise-based policies associated with the one or more enterpriseidentifiers.

Certain embodiments are directed to a computer program product formanaging a group-based storage system accessible via a plurality ofclient devices, the computer program product comprising at least onenon-transitory computer-readable storage medium having computer-readableprogram code portions stored therein, the computer-readable program codeportions may comprise an executable portion configured to: shard aplurality of discrete memory storage databases into a plurality of datashards comprising channel-specific shards, wherein each of the pluralityof channel-specific shards have an associated channel identifiercorrelated with one or more group identifiers; and control access toeach of the plurality of channel-specific shards by one or more clientdevices based at least in part on channel membership and groupmembership by: receiving an access request from a client device toaccess data stored on one or more channel-specific shards; determiningchannel membership and group membership for the client device; providingthe client device with access to data stored in one or morechannel-specific shards having associated channel identifiers and groupidentifiers matching the client device's channel membership and groupmembership.

In certain embodiments, a first channel-specific shard of the pluralityof channel-specific shards has a plurality of corresponding groupidentifiers each associated with one of a plurality of groups; andwherein the computer program product further comprises an executableportion configured to: provide access to channel settings stored in thefirst channel-specific shard for client devices having membership in atleast one of the plurality of groups.

In certain embodiments, the computer program product further comprisesan executable portion configured to: receive a channel query from theclient device; provide the client device with a listing of one or morechannels matching the channel query and stored within correspondingchannel-specific shards having a corresponding group identifier matchingthe client device's group membership.

In various embodiments, determining channel membership and groupmembership for the client device comprises: determining a useridentifier associated with the client device; querying a user-specificdatabase shard corresponding with the user identifier to identify one ormore channel identifiers and one or more group identifiers associatedwith the user identifier.

In certain embodiments, the computer program product further comprisesan executable portion configured to: provide a client device with accessto data stored in a plurality of channel-specific shards having channelidentifiers and group identifiers matching the client device's channelmembership and group membership in real-time.

Moreover, the computer program product may further comprise anexecutable portion configured to apply group-based policies to one ormore channel-specific shards by: determining one or more groupidentifiers associated with the channel-specific shard; queryinggroup-specific database shards corresponding to each of the one or moregroup identifiers associated with the channel-specific shard to identifyone or more group-based policies applicable to the channel-specificshards; and adjusting channel settings stored within thechannel-specific shard to comply with the one or more group-basedpolicies. Moreover, the group-based policies may compriseenterprise-based policies, and wherein: querying group-specific databaseshards comprises identifying one or more enterprise identifiersassociated with each of the group-specific database shards; andadjusting channel settings comprises adjusting channel settings storedwithin the channel-specific shard to comply with one or moreenterprise-based policies associated with the one or more enterpriseidentifiers.

Various embodiments are directed to a group-based data storage systemaccessible by a plurality of client devices, the group-based datastorage system comprising: a plurality of discrete memory storagedatabases collectively defining a plurality of user shards and aplurality of channel shards; wherein: each channel shard of theplurality of channel shards has an associated channel identifier andstores data exchanged between client devices in association with thechannel identifier; and each user shard of the plurality of user shardscorresponds to a single user identifier of a plurality of useridentifiers, and each user shard identifies channel memberships for thesingle user by channel identifier; a remote computing platformconfigured to control access to each of the plurality of channel shardsby a client device associated with a particular user identifier of theplurality of user identifiers based at least in part on a user shard ofthe plurality of user shards corresponding with the particular useridentifier.

In certain embodiments, the remote computing platform is furtherconfigured for controlling channel membership based at least in part ongroup membership, such that channel identifiers stored in a user shardhave an associated group identifier matching a group identifierassociated with the user identifier of the user shard.

In certain embodiments, the group-specific shards comprise firstgroup-specific shards each corresponding to an enterprise group andsecond group-specific shards each corresponding to a subgroup; each ofthe second group-specific shards comprise hierarchy data comprising agroup identifier corresponding to one of the first group-specificshards; and the linking data links the new shard with one or more of thesecond group-specific shards. In various embodiments, each of the firstgroup-specific shards comprise data indicative of enterprise channelcreation parameters, and wherein the remote computing platform isfurther configured to populate the new shard with data indicative of oneor more of the enterprise channel creation parameters. Moreover, theremote computing platform may be configured as a group-basedcommunication platform configured to facilitate message exchange betweenthe plurality of client devices.

Moreover, each user shard of the plurality of user shards may furtheridentify group memberships for the single user by group identifier, andthe remote computing platform is further configured to control access tochannel settings stored within each of the plurality of channel shardsby the client device associated with the particular user identifierbased at least in part on group identifiers stored within thechannel-shards and the user shard corresponding with the particular useridentifier.

In certain embodiments, the plurality of discrete memory storagedatabases further define a plurality of group shards; wherein: eachgroup shard of the plurality of group shards corresponds to a singlegroup identifier of a plurality of group identifiers, and each groupshard identifies group policies for the single group identifier; eachchannel shard further stores channel settings in association with acorresponding channel identifier and identifies one or more groupidentifiers associated with the corresponding channel identifier; andthe remote computing platform is further configured to maintaincompliance of channel settings relative to group policies associatedwith group identifiers associated with corresponding channelidentifiers.

Certain embodiments are directed to a group-based communication platformstoring communication channels associated with a common group inseparate database shards by: associating data for a plurality ofcommunication channels, stored in separate database shards, with acommon group; associating one or more user profiles with the commongroup; maintaining a membership listing of user profiles associated witheach of the plurality of communication channels, wherein access to acommunication channel is limited to listed members of that communicationchannel, and only members of a particular communication channel's groupmay be added to the listing of members for a particular communicationchannel; and transmitting, from the group-based communication platformto at least one client device corresponding to a user profile, data fora plurality of communication channels retrieved from a plurality ofseparate database shards.

In certain embodiments, the group-based communication platform isconfigured to store, in a memory storage area, a data table identifyingmembers of the common group by associating user profiles with a groupidentifier corresponding to the common group, and wherein access to oneor more communication channels associated with the common group islimited to user profiles associated with the common group. Moreover,database shards storing data relating to a particular group/team mayspan multiple database shards stored on multiple physical databasestorage devices. Thus, the platform may be configured to retrieve datafrom multiple database shards to be transmitted to a client devicesimultaneously. In certain embodiments, the platform is configured totransmit data retrieved from a plurality of database shards via a singlewebsocket connection to the client device.

In various embodiments, the group-specific shards comprise firstgroup-specific shards each corresponding to an enterprise group andsecond group-specific shards each corresponding to a subgroup; each ofthe second group-specific shards comprise hierarchy data comprising agroup identifier corresponding to one of the first group-specificshards; and the linking data links the new shard with one or more of thesecond group-specific shards. Moreover, in certain embodiments, each ofthe first group-specific shards comprise data indicative of enterprisechannel creation parameters, and wherein sharding the plurality ofdiscrete memory storage databases further comprises populating the newshard with data indicative of one or more of the enterprise channelcreation parameters.

Certain embodiments are directed to a group-based data storage systemaccessible by a plurality of client devices. In various embodiments, thegroup-based data storage system comprises: a plurality of discretememory storage databases, wherein each of the plurality of discretememory storage databases are sharded into a plurality of data shardscomprising: channel-specific shards each having an associated channelidentifier; group-specific shards each having an associated groupidentifier; and user-specific shards each having an associated useridentifier; and a remote computing platform configured for sharding theplurality of discrete memory storage databases to generate new datashards of the plurality of data shards by: receiving a channel creationrequest from a client device associated with a given user identifier;generating a new shard within one of the plurality of discrete memorystorage databases corresponding to the channel creation request;populating the new shard with linking data linking the new shard withone or more linked group-specific shards of the one or moregroup-specific shards and one or more linked user-specific shards of theone or more user-specific shards; and populating the one or more linkedgroup-specific shards and the one or more linked user-specific shardswith data identifying the new shard.

In various embodiments, the new shard is a new channel-specific shard,and the one or more linked group-specific shards are linked with aplurality of channel-specific shards stored on a plurality of discretememory storage databases. In various embodiments, the new shard is a newchannel-specific shard, and wherein the remote computing platform isconfigured to enforce access control to the new shard based at least inpart on the linking data. Moreover, the remote computing platform may beconfigured to enforce access control to the new shard by: enforcing afirst access level for users based on the linked group-specific shards;and enforcing a second access level for users based on the linkeduser-specific shards. Moreover, in certain embodiments, each of the oneor more linked group-specific shards identifies user-specific shardscorresponding to members of the group-specific shard, and wherein thefirst access level enables members of the one or more linkedgroup-specific shards to view identifying data corresponding to the newshard. In various embodiments, the second access level enables usersassociated with each of the one or more linked user-specific shards toaccess contents of the new shard. In certain embodiments, the remotecomputing platform is further configured to: receive an access requestfrom a client device associated with one of the one or more linkeduser-specific shards; determine channel membership and group membershipfor the client device; and provide the client device with access to datastored in the new shard upon determining that the client device channelmembership encompasses the new shard.

Various embodiments are directed to a computer program product formanaging a group-based storage system accessible via a plurality ofclient devices, the computer program product comprising at least onenon-transitory computer-readable storage medium having computer-readableprogram code portions stored therein, the computer-readable program codeportions comprising an executable portion configured to: shard aplurality of discrete memory storage databases into a plurality of datashards comprising: channel-specific shards each having an associatedchannel identifier; group-specific shards each having an associatedgroup identifier; and user-specific shards each having an associateduser identifier; and wherein sharding the plurality of discrete memorystorage databases comprises: receiving a channel creation request from aclient device associated with a given user identifier; generating a newshard within one of the plurality of discrete memory storage databasescorresponding to the channel creation request; populating the new shardwith linking data linking the new shard with one or more linkedgroup-specific shards of the one or more group-specific shards and oneor more linked user-specific shards of the one or more user-specificshards; and populating the one or more linked group-specific shards andthe one or more linked user-specific shards with data identifying thenew shard.

In certain embodiments, the new shard is a new channel-specific shard,and the one or more linked group-specific shards are linked with aplurality of channel-specific shards stored on a plurality of discretememory storage databases.

Moreover, the new shard may be a new channel-specific shard, and whereinthe remote computing platform is configured to enforce access control tothe new shard based at least in part on the linking data. In certainembodiments, the computer-readable program code portions comprise anexecutable portion are configured to enforce access control to the newshard by: enforcing a first access level for users based on the linkedgroup-specific shards; and enforcing a second access level for usersbased on the linked user-specific shards.

Moreover, each of the one or more linked group-specific shards mayidentify user-specific shards corresponding to members of thegroup-specific shard, and wherein the first access level enables membersof the one or more linked group-specific shards to view may identifydata corresponding to the new shard. In various embodiments, the secondaccess level enables users associated with each of the one or morelinked user-specific shards to access contents of the new shard. Incertain embodiments, the computer-readable program code portionscomprising an executable portion are configured to: receive an accessrequest from a client device associated with one of the one or morelinked user-specific shards; determine channel membership and groupmembership for the client device; and provide the client device withaccess to data stored in the new shard upon determining that the clientdevice channel membership encompasses the new shard.

Certain embodiments are directed to a group-based data storage systemaccessible by a plurality of client devices. In certain embodiments, thegroup-based data storage system comprises: a plurality of discretememory storage databases, wherein each of the plurality of discretememory storage databases are sharded into a plurality of data shardscollectively comprising: a plurality of channel shards each having anassociated channel identifier of a plurality of channel identifiers andeach storing data exchanged between client devices in association withthe channel identifier; a plurality of group shards each having anassociated group identifier, wherein each group shard of the pluralityof group shards stores data indicative of channel creation authorizationfor new channels associated with the group shard; and a plurality ofuser shards each having an associated user identifier of a plurality ofuser identifiers and each user shard identifying channel membership andgroup membership for the associated user identifier; and a remotecomputing platform configured to control channel creation authorizationfor new channel shards requested by a client device associated with aparticular user identifier of the plurality of user identifiers based atleast in part on a group shard of the plurality of group shardscorresponding with the particular user identifier.

In various embodiments, each group shard of the plurality of groupshards corresponds to a single group identifier of a plurality of groupidentifiers, and each group shard identifies group policies for thesingle group identifier; each channel shard further stores channelsettings in association with a corresponding channel identifier andidentifies one or more group identifiers associated with thecorresponding channel identifier; and the remote computing platform isfurther configured to maintain compliance of channel settings associatedwith new channels relative to group policies associated with groupidentifiers associated with corresponding channel identifiers.

Moreover, in certain embodiments, data indicative of channel creationauthorization stored within each group shard comprises data indicativeof one or more user identifiers authorized for channel creation.Moreover, the plurality of group shards may comprise a plurality offirst group shards relating to enterprise groups, and a plurality ofsecond group shards relating to subgroups; and wherein: each of thesecond group shards may comprise enterprise data identifying a groupidentifier corresponding to one of the first group shards relating to anassociated enterprise group; and wherein data indicative of channelcreation authorization for new channels associated with each of thesecond group shards may at least partially match data indicative ofchannel creation authorization for new channels associated with the oneof the first group shards relating to the associated enterprise group.

Certain embodiments are directed to a computer program product formanaging a group-based storage system accessible via a plurality ofclient devices, the computer program product comprising at least onenon-transitory computer-readable storage medium having computer-readableprogram code portions stored therein, the computer-readable program codeportions comprising an executable portion configured to: shard aplurality of discrete memory storage databases into a plurality of datashards comprising: a plurality of channel shards each having anassociated channel identifier of a plurality of channel identifiers andeach storing data exchanged between client devices in association withthe channel identifier; a plurality of group shards each having anassociated group identifier, wherein each group shard of the pluralityof group shards stores data indicative of channel creation authorizationfor new channels associated with the group shard; and a plurality ofuser shards each having an associated user identifier of a plurality ofuser identifiers and each user shard identifying channel membership andgroup membership for the associated user identifier; and control channelcreation authorization for new channel shards requested by a clientdevice associated with a particular user identifier of the plurality ofuser identifiers based at least in part on a group shard of theplurality of group shards corresponding with the particular useridentifier.

In certain embodiments, each group shard of the plurality of groupshards corresponds to a single group identifier of a plurality of groupidentifiers, and each group shard identifies group policies for thesingle group identifier; each channel shard further stores channelsettings in association with a corresponding channel identifier andidentifies one or more group identifiers associated with thecorresponding channel identifier; and the computer-readable program codeportions comprise further executable portions configured to maintaincompliance of channel settings associated with new channels relative togroup policies associated with group identifiers associated withcorresponding channel identifiers.

Moreover, data indicative of channel creation authorization storedwithin each group shard may comprise data indicative of one or more useridentifiers authorized for channel creation. In certain embodiments, theplurality of group shards comprises a plurality of first group shardsrelating to enterprise groups, and a plurality of second group shardsrelating to subgroups; and wherein: each of the second group shardscomprises enterprise data identifying a group identifier correspondingto one of the first group shards relating to an associated enterprisegroup; and wherein data indicative of channel creation authorization fornew channels associated with each of the second group shards at leastpartially matches data indicative of channel creation authorization fornew channels associated with the one of the first group shards relatingto the associated enterprise group.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

Reference will now be made to the accompanying drawings, which are notnecessarily drawn to scale, and wherein:

FIG. 1 shows a schematic view of a group-based communication platform incommunication with client devices according to another embodiment;

FIG. 2 shows a schematic view of a message distribution server accordingto one embodiment;

FIG. 3 shows a schematic view of an interface computing entity accordingto one embodiment;

FIGS. 4-9 are example data tables utilized to facilitate dataassociations between data stored in a plurality of disparate storagelocations;

FIG. 10 is a flowchart illustrating example steps for generating anintra-group communication channel;

FIG. 11 is a flowchart illustrating example steps for generating aninter-group, intra-enterprise communication channel; and

FIG. 12 is a flowchart illustrating example steps for generating aninter-enterprise communication channel.

DETAILED DESCRIPTION

The present disclosure more fully describes various embodiments withreference to the accompanying drawings. It should be understood thatsome, but not all embodiments are shown and described herein. Indeed,the embodiments may take many different forms, and accordingly thisdisclosure should not be construed as limited to the embodiments setforth herein. Rather, these embodiments are provided so that thisdisclosure will satisfy applicable legal requirements. Like numbersrefer to like elements throughout.

Overview

Various embodiments are configured for automatically storing andretrieving data (e.g., messages) exchanged between a plurality of clientdevices through corresponding communication channels from a plurality ofdisparate sharded database storage locations. Each communication channelmay be associated with a unique sharded database storage location, and aplurality of these sharded database storage locations may be associatedrelative to one another via one or more datatables to collectively formone or more group-based communication grids. Thus, data relating to aparticular organization (or other group) that spans multiplecommunication channels may be stored across a plurality of databaseshards collectively forming an organization's (or other group's)communication grid, thereby avoiding data storage limitations and/orlatency issues associated with storing a large amount of data associatedwith a single group with hardware database storage device(s). Thesecommunication grids may be hierarchical in nature to providehierarchical administrative policies for channels encompassed thereby,such as those discussed in U.S. application Ser. No. 15/782,680, filedOct. 12, 2017, the contents of which are incorporated herein byreference in their entirety. Moreover, multiple communication grids (orportions of communication grids) may overlap via one or more sharedcommunication channels, which enable cross-grid communications betweenmembers of multiple discrete group-based communication grids. Variousembodiments enable group-specific (or enterprise-specific)administrative policies for those shared channels, enabling sharedchannels to remain subject to the same group-specific administrativepolicies even when shared externally with other groups (which may besubject to different, potentially conflicting administrative policies).

Moreover, the administrative policies are applied to any newly generatedchannels relating to particular groups (e.g., group-specificadministrative policies) and/or particular enterprises (e.g.,enterprise-specific administrative policies), as well as existingchannels relating to particular groups and/or particular enterprises.Thus, if administrative policies are updated after generation ofcorresponding channels, channel settings associated with each of thecorresponding channels may be updated to comply with the updatedadministrative policies.

Thus, the group-based communication platform utilizes channel-basedsharding strategies to store data, such that data associated withparticular communication channels are stored in corresponding databaseshards identified based at least in part on the channel identifierassociated with the communication channel. However, the group-basedcommunication platform is additionally configured to limit access to thestored channel-specific data based on a particular user's associationwith one or more groups. Thus, access to communication channel datawithin a particular group (inclusive of messages exchanged withincommunication channels, the identity and/or existence of thecommunication channels themselves, and other data associated withparticular communication channels) may be selectably isolated toidentified members of the particular group without a need for discreteand separate data storage areas for each group. Thus, a plurality ofseparate groups (and their associated communication channels) may allreap substantially similar access speed and storage availabilitybenefits by mutually sharing a collective database storage area dividedinto individual database shards assigned to particular communicationchannels, while retaining desirable access control limitations toprevent unauthorized users from accessing existing communicationchannels and/or to prevent authorized users from establishingunauthorized communication channels with other, unauthorized users.

Moreover, various embodiments maintain capabilities for applyinghierarchical administrative policies for channels encompassed within acommunication grid, thereby maintaining desirable consistency betweenadministrative policies for channels accessible to a particularorganization associated with the communication grid. Overall, theconfigurations discussed herein significantly ease horizontal scalingstrategies for data stored in association with a particular group whilemaintaining desirable data access-limitations and administrativepolicies, without significant latency concerns resulting from increasingdata storage requirements.

Moreover, client devices utilized to exchange data via thesecommunication channels may be configured to integrate communicationinterfaces providing easy access to a plurality of communicationchannels associated with different groups, subgroups, enterprises,and/or the like. The client devices may be further configured toconsolidate data shared within particular cross-group communicationchannels associated with a particular user to provide a multi-groupconsolidated view of a particular communication channel associated withmultiple groups that are also associated with the user.

Definitions

As used herein, the terms “data,” “content,” “information,” and similarterms may be used interchangeably to refer to data capable of beingtransmitted, received, and/or stored in accordance with embodiments ofthe present invention. Thus, use of any such terms should not be takento limit the spirit and scope of embodiments of the present invention.Further, where a computing device is described herein to receive datafrom another computing device, it will be appreciated that the data maybe received directly from another computing device or may be receivedindirectly via one or more intermediary computing devices, such as, forexample, one or more servers, relays, routers, network access points,base stations, hosts, and/or the like. Similarly, where a computingdevice is described herein to send data to another computing device, itwill be appreciated that the data may be sent directly to anothercomputing device or may be sent indirectly via one or more intermediarycomputing devices, such as, for example, one or more servers, relays,routers, network access points, base stations, hosts, and/or the like.

The term “user” should be understood to refer to an individual, a groupof individuals, business, organization, and the like. Users may access agroup-based communication or messaging system using client devices.“Group-based” is used herein to refer to a system, channel, message,grid, or virtual environment that has security sufficient such that itis accessible only to a defined group of users. The group may be definedby common access credentials such as those of an organization orcommercial enterprise. Access may further be facilitated by a validatedrequest to join or an invitation to join transmitted by one group memberuser to another non-member user. Group identifiers (defined below) areused to associate data, information, messages, etc., with specificgroups.

The terms “user profile,” “user account,” and “user account details”refer to information associated with a user, including, for example, auser identifier, one or more communication channel identifiersassociated with communication channels that the user has been grantedaccess to, one or more group identifiers for groups with which the useris associated, an indication as to whether the user is anowner/administrator of any communication channels, an indication as towhether the user is an owner/administrator of any groups, an indicationas to whether the user has any communication channel restrictions, aplurality of messages, a plurality of emojis, a plurality ofconversations, a plurality of conversation topics, an avatar, an emailaddress, a real name (e.g., John Doe), a username (e.g., jdoe), apassword, a time zone, a status, and the like. The user account detailscan include a subset designation of user credentials, such as, forexample, login information for the user including the user's usernameand password.

In certain embodiments, data indicative of a user's identity and dataindicative of the user's communication channel membership may be storedin separate storage locations, such as separate data storage tables. Asan example, a user profile may comprise data such as a unique useridentifier, a username associated with a user, alternative communicationinformation for the user (e.g., an email address), a password for theuser, a creation date for the user profile, a display name for the user,and/or the like. Such data may be stored in a data table, such as theusers table shown in FIG. 4. As shown in the embodiment of FIG. 4, theuser data stored within the users table may not provide an indication ofgroup or channel memberships for the users. Instead, one or moreseparate data tables may be indicative of other user account details,such as group memberships for the user, communication channelmemberships for the user, and/or the like. For example, a user-grouptable, such as shown in FIG. 5 provides an association betweenindividual users (listed by corresponding unique user identifiers) andteams/groups (identified by unique group identifiers). The user-groupdata table may comprise additional data, such as the date/time at whicha particular user joined a particular group, and one or more indicationsof whether a particular user is a group administrator havingadministrator or ownership privileges for a particular group. Detailsregarding particular groups may be stored separately in group profilesstored within a group data table, discussed herein. Thus, by referencingthe unique user identifier from the user profile within thecommunication channel table, the group-based communication platform(described in further detail below) provides additional user accountdetails indicative of the user's membership in particular communicationchannels and/or groups.

Similarly, membership of users within particular communication channels(discussed herein) may be established/maintained via a channel-memberdata table, such as that shown in FIG. 6. The channel-member data tableprovides an association between individual users (listed bycorresponding unique user identifiers) and communication channels(identified by unique channel identifiers). The channel-member datatable may comprise additional data, such as a unique group identifierassociated with the channel, a date/time at which a particular userjoined a particular communication channel, a date/time the user lastread the contents of a communication channel, an indication of whether aparticular communication channel is open/currently active on the user'sclient device, a channel type, an indication as to whether the user'saccess to a particular communication channel is restricted (and thelevel of restriction associated with the user's access to a particularcommunication channel), and/or the like.

In certain embodiments, users may be considered “restricted” users or“ultra-restricted” users of a particular communication channel. Whereasnormal, “unrestricted” users may have full read and write access to thecommunication channel—thereby enabling those users to read messagesexchanged via the communication channel and to write new messages forexchange via the communication channel, restricted users may beprevented from writing new messages for exchange via the communicationchannel, while those users still have read access of messages exchangedvia the communication channel. Ultra-restricted users may have furtheraccess privileges, for example, based on additional functionalityassociated with communication channels. For example, restricted usersmay be enabled to select reactions to exchanged messages, whereasultra-restricted users may not have reaction-selection privileges formessages within the communication channel. Distinctions betweenunrestricted, restricted, and ultra-restricted users may be particularlyuseful in enterprise-wide communication channels having a large numberof channel members. Only a subset of the users may be identified asunrestricted users (e.g., for providing enterprise-wide announcements),whereas other users may only have access to read the messages of thoseunrestricted users, and to select reactions (if enabled).

The terms “group administrator,” “group admin,” “team administrator,” or“team admin” refers to credentials or identifiers associated with userprofile that indicate that a client device associated with the userprofile may edit access channel settings of respective groups andgroup-based communication channels having identifiers associated withthe user profile. In some embodiments, group administrators transmitchannel creation requests to the group-based communication platform tocreate group-based communication channels for a particular group. Usersidentified as group administrators may edit the access control rights toa group or group-based communication channel which the group is a partof. Group administrators may also add users to the group or group-basedcommunication channel which the group is a part of or to invite users toa group or group-based communication channel which the group is a partof. The access control parameters editable by the group administratormay be limited by the settings set by a super administrator.

The term “client device” refers to computer hardware(s) and/orsoftware(s) that is/are configured to access one or more services madeavailable by one or more servers. The server(s) is/are often (but notalways) on another computer system, in which case the client deviceaccesses the service by way of a network. A client device may beassociated with a unique user identifier, which may be referenced in oneor more data tables providing an electronic indication that suggests agroup (e.g., a user group) and/or communication channel to which theuser of the client device belongs to. Client devices may include,without limitation, smart phones, tablet computers, laptop computers,desktop computers, wearable devices, personal computers, enterprisecomputers, and the like.

The term “group-based communication platform” refers to a collection ofcomputing services that are accessible to one or more client devices,and that are operable to provide access to a plurality of softwareapplications related to operations of databases. In some examples, thegroup-based communication platform may take the form of one or morecentral servers disposed in communication with one or more additionalservers running software applications, and having access to one or moredatabases storing digital content items, application-related data,and/or the like.

The term “communication channel” refers to an information route andassociated circuitry that is used for data exchange between and amongsystems and parts of systems. For example, a communication channel maybe established between and among various client devices, allowing theseclient devices to communicate and share data between and among eachother. These communication channels may be “group-based communicationchannels” established between and among a select group of client devices(and their respective users) for sharing messages among all users of thegroup. The communication channels may also and/or alternatively beone-to-one, direct message communication channels established betweenand among two client devices (and their respective users) for sharingmessages among only those two users.

The term “channel settings” refers to various defined or definableparameters of a group-based communication channel. The channel settingsmay comprise a channel identifier, a channel name string, and a channelpurpose string.

Multiple communication channels may operate on each of one or morecomputing devices, and therefore a “communication channel identifier” or“channel identifier” may be assigned to a communication channel, whichindicates the physical address in a database where related data of thatcommunication channel is stored and which is utilized to identify clientdevices that participate within the communication channel to receivedata exchanged on the communication channel. The communication channelidentifier therefore ensures communication channels remain distinct andseparate even on computing devices associated with a plurality ofcommunication channels.

The channel name string refers to a data structure containing a stringof alphanumerical characters for identifying a channel in non-technicalterms. The channel name string may be identical to a channel identifier,however this is not required in certain embodiments. A channel purposestring refers to a data structure containing a string of alphanumericalcharacters that indicates to a group-based communication platform and/ora user a purpose of the group-based communications channel. In someexamples, a channel purpose string may contain a channel purpose such as“to work on project Nucleus.” Channel settings may also include amessage retention window that indicates a period of network time duringwhich messages associated with a group-based communication channel areretained within a group-based communication repository. Upon expirationof the period of network time (i.e., the message retention window), amessage or file associated with the message retention window may bedeleted from a group-based communication repository. Channel settingsmay also include one or more of a group capacity and a user capacitythat, when applicable, indicates the number of groups (or users)authorized to access the particular group-based communication channel;and, when applicable one or more group identifier values that indicatethe group identifier(s) of one or more groups authorized to access thegroup-based communication channel. In some embodiments, if a userassociated with a client device attempts to access a group-basedcommunication channel and the user capacity has been reached, the clientdevice may not be permitted to access the group-based communicationchannel. The channel settings may also include one or more authorizedapplication identifiers that indicate to a group-based communicationplatform which applications are authorized to be downloaded and utilizedin the group-based communication channel. In embodiments, if anapplication attempts to access a group-based communication channel andthe application is not associated with an authorized applicationidentifier, the application may not be granted access to the group-basedcommunication channel.

The communication channel identifier, channel name string, channelpurpose, as well as other identifying data and/or other channelcharacteristics relating to a particular communication channel, may bestored in a channels data table, such as that shown in FIG. 7. Thechannels data table includes the unique channel identifier for eachchannel, the channel name (e.g., display name), a date/time the channelwas created, a unique group identifier indicating a group (orenterprise) for which the communication channel is related, a uniqueuser identifier for the creator of the channel, textual stringsindicative of the assigned channel purpose (which may be displayed tousers), and a privacy type for each channel (e.g., whether the channelis public or private within associated groups). As discussed in greaterdetail herein, data associated with each channel (e.g., messagesexchanged within a channel), and data indicative of certain of thechannel settings may be stored in a particular database “shard,” andaccordingly the channels data table may be indicative of a physicaladdress at which the channel data is stored. These database shards mayencompass a particular storage location within a physical databasestorage device. A plurality of database shards, spanning a plurality ofphysical database storage devices are utilized to store data associatedwith a plurality of communication channels. It should also be understoodthat a single physical database storage device may encompass a pluralityof database shards thereon. The amount of memory associated with aparticular database shard may vary, and may depend on the amount of dataassociated with a particular communication channel stored within thedatabase shard.

As mentioned above, data regarding communication channel membership maybe identified within one or more separate data tables such as thechannel-members data table discussed above (which may be sharded into aplurality of database shards based on user identifier), and accordinglythe communication channel identifiers may be utilized to associateparticular unique user identifiers with access to a particularcommunication channel as identified by its respective channelidentifier. Similarly, data regarding communication channel associationswith particular groups may be identified within one or more separatedata tables such as the groups-channels data table illustrated in FIG.9. The groups-channels data table associates unique channel identifierswith unique group identifiers to enable members of a particular group toaccess data within a particular channel. Channels may be single-groupchannels (also referred to herein as “intra-group channels”) linked witha single group (such as channels “2001,” “2002,” and “2003” as shown inFIG. 9), or cross-group channels (also referred to herein as“inter-group channels”) linked with a plurality of groups (such aschannel “2004” as shown in FIG. 9). These cross-group or inter-groupchannels may additionally be “intra-enterprise channels” (associatedwith a single enterprise, such that the channel is an inter-group,intra-enterprise channel) or “inter-enterprise channels” (associatedwith a plurality of enterprises, such that the channel is aninter-group, inter-enterprise channel). The groups-channels data tablemay further comprise additional data regarding group-channelassociations, such as the date a particular channel was linked with aparticular group, a share type (e.g., indicating whether a particularchannel is a cross-group channel that may be shared across groups), anda privacy type for a particular channel.

A communication channel may be “public,” which may allow any clientdevice to join and participate in the information sharing through thecommunication channel. Public communication channels may still be accesslimited, for example, to user identifiers associated with a particulargroup identifier. Thus, in the context of a large organization, publiccommunication channels may be accessible to all employees of theorganization (thus having user identifiers corresponding with anidentifier associated with the large organization), but those samepublic communication channels may not be accessible to non-employees ofthe organization (associated with user identifiers that are notassociated with the identifier of the large organization). Acommunication channel may be “private,” which may restrict datacommunications in the communication channel to certain client devicesand/or users.

The term “communication channel interface” refers to a virtualcommunications environment or feed that is configured to displaymessaging communications posted by channel members (e.g., validatedusers accessing the environment using client devices) that are viewableonly to the members of the group. The format of the communicationchannel interface may appear differently to different members of thegroup-based communication channel; however, the content of thecommunication channel interface (i.e., messaging communications) will bedisplayed to each member of the group-based communication channel. Forinstance, a common set of group-based messaging communications will bedisplayed to each member of the respective group-based communicationchannel such that the content of the communication channel interface(i.e., messaging communications) will not vary per member of thegroup-based communication channel.

As used herein, the terms “messaging communication” and “message” referto any electronically generated digital content object provided by auser using a client device and that is configured for display within acommunication channel interface. Message communications may include anytext, image, video, audio, or combination thereof provided by a user(using a client device). For instance, the user may provide a messagingcommunication that includes text as well as an image and a video withinthe messaging communication as message contents. In such a case, thetext, image, and video would comprise the messaging communication ordigital content object. Each message sent or posted to a communicationchannel (e.g., a group-based communication channel) of the group-basedcommunication system includes metadata comprising the following: asending user identifier, a message identifier, message contents, anobject identifier, a group identifier and/or a communication channelidentifier. Each of the foregoing identifiers may comprise ASCII text, apointer, a memory address, and the like.

The term “enterprise” should be understood to refer to a company,organization and the like having a corresponding communication grid.These terms are used interchangeably throughout the disclosure.Enterprises may each encompass a plurality of groups or teams (discussedbelow), thereby providing a hierarchical structure to the enterprise.

The term “enterprise policies” refers to organizationally definednetwork parameters, protocols, keys, limits, and policies that enable orconfirm specified availability, scalability, performance, compatibilityand security levels for an enterprise group-based communication system.Enterprise policies span channel creation, messaging and file usage,invitations, emoji creation, app installs, user profiles and accessmodes. The enterprise policies regulate all group-based communicationchannels and all group-based communication channels for the respectiveorganization must comply with the enterprise policies.

“Groups” or “teams” refer to particular organizations, collections ofusers, or other defining characteristics utilized to associate aplurality of users. Groups or teams may be distinguished based on “groupidentifiers” or “team identifiers” that refer to one or more items ofdata by which a group within a group-based communication system may beidentified. In certain embodiments, enterprises, as discussed above, mayhave corresponding group identifiers/team identifiers, such thatenterprises may be represented within listings/tables of groups orteams. As an example, a group identifier may comprise ASCII text, apointer, a memory address, and the like. These group identifiers may bestored within group profiles, which are stored within a group datatable, such as that shown in FIG. 8. In the embodiment shown in FIG. 8,the group data table comprises unique group identifiers for each group,a group name for each group, a date/time at which a particular group wascreated, a unique user identifier having administrative user privilegesfor a particular group, any preference identifiers, an indication ofwhether a particular group is an enterprise with an associatedgroup-based communication grid (which may encompass a higher-levelgrouping, under which a plurality of lower-level subgroups may relate),and a unique group identifier for a higher-level enterprise, if thegroup is a subgroup. As shown in the example of FIG. 8, the group havingidentifier “1001” is not considered an enterprise, nor is it related toan enterprise. By contrast, the group having identifier “1003” isconsidered an enterprise (in certain embodiments, enterprises cannot beassociated with any higher level groupings), and groups “1004” and“1005” are individual subgroups within the “1003” enterprise. Asmentioned, membership within a particular group (whether considered anenterprise, a subgroup, or a standalone group) may beestablished/maintained with a separate users-group data table providingassociations between individual users and groups.

The terms “group-based communication channel identifier” or “channelidentifier” refer to one or more items of data by which a group-basedcommunication channel may be identified. For example, a group-basedcommunication channel identifier may comprise ASCII text, a pointer, amemory address, and the like. In certain embodiments, a communicationchannel (whether public or private) may be available for use betweenusers (and their associated client devices) of a common group/team,although cross-group communication channels may be available betweenclient devices associated with users of separate groups. Thus, a channelidentifier may be provided together with one or more group identifiersto specifically identify where data/messages related to the particularcommunication channel are stored.

“Group-based communication grids” or “communication grids” refer toorganizational collections of a plurality of communication channelscollectively servicing an enterprise. Communication grids may have ahierarchical structure, such that enterprises may comprise groups nestedtherein. In certain embodiments, additional hierarchical levels may beprovided, such as sub-groups nested within groups of the enterprise.Communication channels may be associated with any level of thecommunication grid. For example, communication channels may beassociated with the highest-level group (or enterprise), in which casethe communication channel may be accessible to all members associatedwith the group (or enterprise). Alternatively, a communication channelmay be associated with a sub-group (or a plurality of sub-groups) suchthat only members associated with the one or more subgroups may accessthe communication channel. Members of other subgroups within theenterprise may not have access to the communication channel in thisexample. Moreover, certain cross-group communication channels may beshared across multiple communication grids. In such instances, across-group communication channel may be shared between multipleenterprises, or between a first subgroup associated with a firstenterprise and a second subgroup associated with a second enterprise.Cross-group communication channels may be shared among any number ofenterprises, subgroups (either nested within a single enterprise ornested within multiple enterprises).

The term “channel creation request” refers to one or more items of databy which a user of a group-based communication platform may request tocreate a group-based communication channel. The channel creation requestmay originate from a user's client device. The channel creation requestcomprises desired channel settings as well as an originator identifier.A channel creation request is discussed herein as being one type of an“access management request.”

The term “channel access request” refers to one or more items of data bywhich a client device of a group-based communication platform mayrequest access to a group-based communication channel via thegroup-based communication platform. Channel access requests arediscussed herein as being another example of access management requests.The channel access request comprises a group-based communication channelidentifier. In some embodiments, the channel access request may furthercomprise a global identifier associated with the requesting clientdevice, a user identifier associated with the requesting client device,and/or a group identifier associated with the requesting client device.

The term “access rights” refers to parameters for controlling theability of users to view, change, navigate, and execute contents of thegroup-based communication platform.

The term “invitation to join” refers to one or more items of data bywhich a client device of a group-based communication platform mayprovide access (e.g. by sending a group identifier or group-basedcommunication channel identifier) to a group-based communication channelor a group. The invitation to join may comprise a group-basedcommunication channel identifier, a group identifier, a recipient'sglobal identifier and/or a recipient's user identifier.

The term “originator identification” or “originator identifier” refersto one or more items of data by which the originator of a channelcreation request or a channel access request may be identified. Theoriginator identification may be an email address, user identifier,global identifier, an IP address, or any other type of information thatcan identify a requesting entity. In some embodiments the originatoridentification may include a group identifier, which may uniquelyidentify a group associated with the originator of the channel creationrequest or channel access request.

A “sending user identifier” is associated with a collection of messagesthat are sent by a particular user (i.e., a client device associatedwith the particular user). These messages may be analyzed to determinecontext regarding the user (e.g., the user's expertise or interest in atopic may be determined based on the frequency of mention of the topicor key words associated with the topic within such messages).

Group-based communication system users may join and/or createcommunication channels. Some communication channels may be globallyaccessible to those users associated with a particular group identifier(i.e., users who are members of the organization). The communicationchannel identifier may be used to facilitate access control for amessage (e.g., access to the message, such as having the message returnas part of search results in response to a search query, may berestricted to those users associated with the communication channelidentifier, or who have the ability to join the communication channel).The communication channel identifier may be used to determine contextfor the message (e.g., a description of the communication channel, suchas a description of a project discussed in the communication channel,may be associated with the communication channel identifier).

The term “private communication channel” refers to a communicationchannel with restricted access such that it is not generally accessibleand/or searchable by other members of the group-based communicationsystem. For example, only those users or administrators who haveknowledge of and permission to access (e.g., the user identifier of aparticular user is associated with a communication channel identifierfor the private communication channel after the user has beenvalidated/authenticated) the private communication channel may viewcontent of the private communication channel.

The term “whitelist” should be understood to refer to access controlparameters that indicate to a group-based communication platform one ormore members of a group-based communication system allowed to take anaction (e.g. joining a channel or group). The members may be identifiedby one or more user identifiers. It should be understood thatwhitelisting may be provided for specific groups, enterprises, channels,and/or the like. Accordingly whitelists may be stored withingroup-specific, enterprise-specific, channel-specific, and/or otherdatabase shards.

The term “blacklist” should be understood to refer to access controlparameters that indicate to a group-based communication platform one ormore members of a group-based communication system that are restrictedfrom taking an action (e.g. joining a channel or group). The members maybe identified by one or more user identifiers. It should be understoodthat whitelisting may be provided for specific groups, enterprises,channels, and/or the like. Accordingly blacklists may be stored withingroup-specific, enterprise-specific, channel-specific, and/or otherdatabase shards.

The term “application identifier” refers to one or more items of datathat uniquely identify, to a group-based communications server, anapplication, such as an external application, which may be at leastpartially executable on a third-party computing system based on dataprovided from the group-based communication platform.

The term “application install request” refers to one or more items ofdata that indicate to a group-based communication platform a request toinstall an application in a group-based communication channel. Theapplication install request can include an enterprise identifier, agroup identifier, a user identifier, and/or channel identifier.

The term “application data” refers to one or more items of data that canbe used by the group-based communication platform to obtain anapplication. The application data can include a link or source fromwhich an application may be downloaded and authentication parameters fordownloading the application

“Interface computing entities” as discussed herein with reference tovarious embodiments are computing devices (or portions of computingdevices) for maintaining communication connections with various clientdevices. Specifically, interface computing entities may be configuredfor maintaining websocket connections initiated by each of a pluralityof client devices for transmitting messages (e.g., object updates) andcorresponding metadata (e.g., comprising object identifiers) in realtime between message distribution servers of the group-basedcommunication platform and respective client devices. In certainembodiments, the interface computing entities generate and maintainbackend connections with one or more message distribution servers asdiscussed herein for obtaining messages to be disseminated to thevarious client devices.

“Message distribution servers” as discussed herein with reference tocertain embodiments are computing devices configured for interactingwith various client devices (e.g., via an interface computing entity)for receiving and/or disseminating messages among client devices.Message distribution servers may be configured to receive, generate,store (in an associated database), and/or direct messages received fromand/or disseminated to users (e.g., via corresponding client devices).The functionality of the message distribution servers may be providedvia a single server or collection of servers having a commonfunctionality, or the functionality of the message distribution serversmay be segmented among a plurality of servers or collections of serversperforming subsets of the described functionality of the messagedistribution servers. For example, a first subset of messagedistribution servers—gateway servers—may be configured for receivingmessages from client devices and/or for transmitting messages to clientdevices via an interface computing entity. These gateway servers may bein communication with a second subset of message distributionservers—channel servers—configured for collecting messages distributedwithin communication channels and for storing those messages within amessage repository database for indexing and archiving. In certainembodiments, the channel servers may be in communication with theinterface computing entities to provide various messages to clientdevices.

In certain embodiments, one or more of the interface computing entitiesand/or the message distribution servers may be geographicallydistributed, for example, to service client devices locatedgeographically proximate the one or more computing entities. However, incertain embodiments the various computing entities (including theinterface computing entities and/or the message distribution servers)may be centrally-located.

Example System Architecture

Methods, apparatuses, and computer program products of the presentinvention may be embodied by any of a variety of devices. For example,the method, apparatus, and computer program product of an exampleembodiment may be embodied by a network device, such as a server orother network entity, configured to communicate with one or moredevices, such as one or more client devices. In some preferred andnon-limiting embodiments, the computing device may include fixedcomputing devices, such as a personal computer or a computerworkstation. Still further, example embodiments may be embodied by anyof a variety of mobile devices, such as a portable digital assistant(PDA), mobile phone, smartphone, laptop computer, tablet computer,wearable device, or any combination of the aforementioned devices.

FIG. 1 illustrates example computing systems within which embodiments ofthe present invention may operate. Users may access a group-basedcommunication platform 105 via a communication network 103 using clientdevices 101A-101N.

Communication network 103 may include any wired or wirelesscommunication network including, for example, a wired or wireless localarea network (LAN), personal area network (PAN), metropolitan areanetwork (MAN), wide area network (WAN), or the like, as well as anyhardware, software and/or firmware required to implement it (such as,e.g., network routers, etc.). For example, communication network 103 mayinclude a cellular telephone, an 802.11, 802.16, 802.20, and/or WiMaxnetwork. Further, the communication network 103 may include a publicnetwork, such as the Internet, a private network, such as an intranet,or combinations thereof, and may utilize a variety of networkingprotocols now available or later developed including, but not limited toTCP/IP based networking protocols. As discussed herein, the networkingprotocol is configured to enable data transmission via websocketcommunications. For instance, the networking protocol may be customizedto suit the needs of the group-based communication system. In someembodiments, the protocol is a custom protocol of JSON objects sent viaa websocket channel. In some embodiments, data may be transmitted via aplurality of protocols, such as JSON over RPC, JSON over REST/HTTP, andthe like.

In the illustrated embodiment, the group-based communication platform105 includes a plurality of message distribution servers 107A-107Naccessible via the communication network 103 via an interface computingentity 109. Collectively, the message distribution servers 107A-107N areconfigured for receiving messages transmitted from one or more clientdevices 101A-101N, storing the messages within database storage areasfor individual communication channels, and/or for transmitting messagesto appropriate client devices 101A-101N via an interface computingentity 109.

Similarly, the interface computing entity 109 (or plurality of interfacecomputing entities 109) may be embodied as a computer or computers asknown in the art. In the illustrated embodiment of FIG. 1, the interfacecomputing entity 109 provides for receiving electronic data from varioussources, including, but not limited to the client devices 101A-101N(e.g., via websocket communications over the communications network 103)and/or the message distribution servers 107A-107N (e.g., via backendcommunications). Moreover, the interface computing entity 109 of theillustrated embodiment is also configured to parse metadata provided asa portion of one or more electronic messages, and to direct incomingelectronic messages to one or more message distribution servers107A-107N based at least in part on the content of the metadataassociated with the electronic messages and/or to direct outboundelectronic messages to one or more client devices 101A-101N based atleast in part on the content of the metadata associated with theelectronic messages.

The client devices 101A-101N may be any computing device as definedabove. Electronic message data exchanged between the messagedistribution servers 107A-107N and the client devices 101A-101N via theinterface computing entity 109 may be provided in various forms and viavarious methods.

In some preferred and non-limiting embodiments, one or more of theclient devices 101A-101N are mobile devices, such as smartphones ortablets. The one or more client devices may execute an “app” to interactwith the message distribution servers 107A-107N and/or interfacecomputing entity 109. Such apps are typically designed to execute onmobile devices, such as smartphones or tablets. For example, an app maybe provided that executes on mobile device operating systems such asApple Inc.'s iOS®, Google Inc.'s Android®, or Microsoft Inc.'s Windows10 Mobile®. These platforms typically provide frameworks that allow appsto communicate with one another, and with particular hardware andsoftware components of mobile devices. For example, the mobile operatingsystems named above each provides frameworks for interacting withlocation services circuitry, wired and wireless network interfaces, usercontacts, and other applications. Communication with hardware andsoftware modules executing outside of the app is typically provided viaapplication programming interfaces (APIs) provided by the mobile deviceoperating system. Thus, via the app executing on the client devices101A-101N, these client devices 101A-101N are configured forcommunicating with the group-based communication platform 105 via one ormore websockets.

In some preferred and non-limiting embodiments, the client devices101A-101N may interact with the message distribution servers 107A-107Nand/or interface computing entity 109 via a web browser. The clientdevices 101A-101N may also include various hardware or firmware designedto interact with the message distribution servers 107A-107N and/orinterface computing entity 109. Again, via the browser of the clientdevices 101A-101N, the client devices 101A-101N are configured forcommunicating with the group-based communication platform 105 via one ormore websockets.

In some embodiments of an exemplary group-based communication platform105, a message or messaging communication may be sent from a clientdevice 101A-101N to a group-based communication platform 105. In variousimplementations, messages may be sent to the group-based communicationplatform 105 over communication network 103 directly by one of theclient devices 101A-101N. The messages may be sent to the group-basedcommunication platform 105 via an intermediary. For example, a clientdevice 101A-101N may be a desktop, a laptop, a tablet, a smartphone,and/or the like that is executing a client application (e.g., agroup-based communication app). In one implementation, the message mayinclude data such as a message identifier, sending user identifier, agroup identifier, a group-based communication channel identifier,message contents (e.g., text, emojis, images, links), attachments (e.g.,files), message hierarchy data (e.g., the message may be a reply toanother message), third party metadata, and/or the like. In oneembodiment, the client device 101A-101N may provide the followingexample message, substantially in the form of a (Secure) HypertextTransfer Protocol (“HTTP(S)”) POST message including eXtensible MarkupLanguage (“XML”) formatted data, as provided below:

POST/authrequest.php HTTP/1.1

Host: www.server.com

Content-Type: Application/XML

Content-Length: 667

<?XML version=“1.0” encoding=“UTF-8”?>

<auth_request>

<timestamp>2020-12-31 23:59:59</timestamp>

<user_accounts_details>

-   -   <user_account_credentials>        -   <user_name>ID_user_1</user_name>        -   <password>abc123</password>        -   //OPTIONAL <cookie>cookieID</cookie>        -   //OPTIONAL            <digital_cert_link>www.mydigitalcertificate.com/JohnDoeDaDoeDoe@gmail.com/mycertifcate.dc</digital_cert_link>        -   //OPTIONAL <digital_certificate>_DATA_</digital_certificate>    -   </user_account_credentials>

</user_accounts_details>

<client_details>//iOS Client with App and Webkit

-   -   //it should be noted that although several client details    -   //sections are provided to show example variants of client    -   //sources, further messages will include only on to save    -   //space    -   <client_IP>10.0.0.123</client_IP>    -   <user_agent_string>Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_1 like        Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0        Mobile/11D201 Safari/9537.53</user_agent_string>    -   <client_product_type>iPhone6,1</client_product_type>    -   <client_serial_number>DNXXX1X1XXXX</client_serial_number>    -   <client_UDID>3XXXXXXXXXXXXXXXXXXXXXXXXD</client_UDID>    -   <client_OS>iOS</client_OS>    -   <client_OS_version>7.1.1</client_OS_version>    -   <client_app_type>app with webkit</client_app_type>    -   <app_installed_flag>true</app_installed_flag>    -   <app_name>MSM.app</app_name>    -   <app_version>1.0</app_version>    -   <app_webkit_name>Mobile Safari</client_webkit_name>    -   <client_version>537.51.2</client_version>

</client_details>

<client_details>//iOS Client with Webbrowser

-   -   <client_IP>10.0.0.123</client_IP>    -   <user_agent_string>Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_1 like        Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0        Mobile/11D201 Safari/9537.53</user_agent_string>    -   <client_product_type>iPhone6,1</client_product_type>    -   <client_serial_number>DNXXX1X1XXXX</client_serial_number>    -   <client_UDID>3XXXXXXXXXXXXXXXXXXXXXXXXD</client UDID>    -   <client_OS>iOS</client_OS>    -   <client_OS_version>7.1.1</client_OS_version>    -   <client_app_type>web browser</client_app_type>    -   <client_name>Mobile Safari</client_name>    -   <client_version>9537.53</client_version>

</client_details>

<client_details>//Android Client with Webbrowser

-   -   <client_IP>10.0.0.123</client_IP>    -   <user_agent_string>Mozilla/5.0 (Linux; U; Android 4.0.4; en-us;        Nexus S Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko)        Version/4.0 Mobile Safari/534.30</user_agent_string>    -   <client_product_type>Nexus S</client_product_type>    -   <client_serial_number>YXXXXXXXXZ</client_serial_number>    -   <client_UDID>FXXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXX</client_UDID>    -   <client_OS>Android</client_OS>    -   <client_OS_version>4.0.4</client_OS_version>    -   <client_app_type>web browser</client_app_type>    -   <client_name>Mobile Safari</client_name>    -   <client_version>534.30</client_version>

</client_details>

<client_details>//Mac Desktop with Webbrowser

-   -   <client_IP>10.0.0.123</client_IP>    -   <user_agent_string>Mozilla/5.0 (Macintosh; Intel Mac OS X        10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3        Safari/537.75.14</user_agent_string>    -   <client_product_type>MacPro5,1</client_product_type>    -   <client_serial_number>YXXXXXXXXZ</client serial number>    -   <client_UDID>FXXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXX</client_UDID>    -   <client_OS>Mac OS X</client_OS>    -   <client_OS_version>10.9.3</client_OS_version>    -   <client_app_type>web browser</client_app_type>    -   <client_name>Mobile Safari</client_name>    -   <client_version>537.75.14</client_version>

</client_details>

<message>

-   -   <message_identifier>ID_message_10</message_identifier>    -   <team_identifier>ID_team_1</team_identifier>    -   <channel_identifier>ID_channel_1</channel_identifier>    -   <contents>That is an interesting invention. I have attached a        copy our patent policy.</contents>    -   <attachments>patent_policy.pdf</attachments>

</message>

</auth_request>

In the illustrated embodiment, the group-based communication platform105 comprises a plurality of message distribution servers 107A-107Nconfigured to receive and/or disseminate messages transmitted betweenand/or to a plurality of client devices 101A-101N within a channelidentified by a channel identifier and/or a group identifier, and tofacilitate dissemination of those messages among client devices101A-101N that collectively form the membership of the communicationchannel.

In some embodiments, data indicating responses may be associated withthe message. For example, responses to the message by other users mayinclude reactions (e.g., selection of an emoji associated with themessage, selection of a “like” button associated with the message),clicking on a hyperlink embedded in the message, replying to the message(e.g., posting a message to the communication channel interface inresponse to the message), downloading a file associated with themessage, sharing the message from one group-based communication channelto another group-based communication channel, pinning the message,starring the message, and/or the like. In one implementation, dataregarding responses to the message by other users may be included withthe message, and the message may be parsed (e.g., using PHP commands) todetermine the responses. In another implementation, data regardingresponses to the message may be retrieved from a database. For example,data regarding responses to the message may be retrieved via a Vitessdatabase command, or a MySQL database command similar to the following:

SELECT messageResponses

FROM MSM_Message

WHERE messageID=ID_message_10.

For example, data regarding responses to the message may be used todetermine context for the message (e.g., a social score for the messagefrom the perspective of some user). In another example, data regardingresponses to the message may be analyzed to determine context regardingthe user (e.g., the user's expertise in a topic may be determined basedon the responses to the user's message regarding the topic).

In embodiments, attachments may be included with the message. If thereare attachments, files may be associated with the message. In oneimplementation, the message may be parsed (e.g., using PHP commands) todetermine file names of the attachments.

For example, file contents may be analyzed to determine context for themessage (e.g., a patent policy document may indicate that the message isassociated with the topic “patents”).

In embodiments, a conversation primitive may be associated with themessage. In one implementation, a conversation primitive is an elementused to analyze, index, store, and/or the like messages. For example,the message may be analyzed by itself, and may form its own conversationprimitive. In another example, the message may be analyzed along withother messages that make up a conversation, and the messages that makeup the conversation may form a conversation primitive. In oneimplementation, the conversation primitive may be determined as themessage, a specified number (e.g., two) of preceding messages and aspecified number (e.g., two) of following messages. In anotherimplementation, the conversation primitive may be determined based onanalysis of topics discussed in the message and other messages (e.g., inthe channel) and/or proximity (e.g., message send order proximity,message send time proximity) of these messages.

In embodiments, various metadata, determined as described above, and/orthe contents of the message may be used to index the message (e.g.,using the conversation primitive) and/or to facilitate various facets ofsearching (i.e., search queries that return results from the messagedistribution servers 107). Metadata associated with the message may bedetermined and the message may be indexed in the message distributionservers 107A-107N. In one embodiment, the message may be indexed suchthat a messages shared within a particular communication channel arestored separately. In one implementation, messages may be indexed at aplurality of separate distributed repositories (e.g., to facilitatescalability). If there are attachments associated with the message, filecontents of the associated files may be used to index such files in themessage distribution servers 107A-107N to facilitate searching.

Examples of electronic information exchange among one or more clientdevices 101A-101N and the group-based communication platform 105 aredescribed below with reference to FIG. 1.

As shown in FIG. 1, the group-based communication platform 105 enablesindividual client devices 101A-101N to exchange messages with oneanother via the group-based communication platform 105. To exchange suchmessages, individual client devices 101A-101N transmit messages (e.g.,text-based messages, files, video and/or audio streams, and/or the like)to an interface (e.g., interface computing entity 109) via acommunication protocol (e.g., via a websocket, a non-RTM messagingprotocol, and/or the like). Those messages are ultimately provided toone or more message distribution servers 107A-107N, which indexes themessages within sharded storage databases 108A-108N (e.g., based oncommunication channel identifiers transmitted with the message andindicative of the target communication channel for the message) anddistributes those messages to the intended recipients (e.g., clientdevices 101A-101N) of the message. The distributed messages are providedto the recipient client devices 101A-101N via the interface computingentity 109, which maintains websocket connections with individualrecipient client devices 101A-101N of the message, and maintains one ormore backend connections with the various message distribution servers107A-107N.

Messages and other data exchanged via the group-based communicationplatform 105 are stored in a plurality of database shards extendingacross a plurality of sharded storage databases 108A-108N. The storagelocation for various messages may be determined based at least in parton the channel in which the message is shared (thus the storage locationis determined based at least in part on the channel identifierassociated with the message). In certain embodiments, a plurality ofchannels associated with a particular enterprise, organization, and/orthe like may be stored across a plurality of database shards within thesharded storage databases 108A-108N. The message distribution serversmay thus utilize a plurality of data tables for identifying a storagelocation for messages exchanged within a particular channel and formanaging access authorization for users to obtain access to messagesexchanged within a particular channel.

According to the embodiment of FIG. 1, the client devices 101A-101N areconfigured to display the received message in contextually-relevant userinterfaces available to the user of the client device 101A-101N. Forexample, messages transmitted from a first client device 101 as a partof a communication channel are displayed in a user interface displaywindow on client devices 101A-101N associated with other members of thecommunication channel.

To distribute messages to individual client devices 101A-101N, themessages are retrieved from corresponding memory storage shards of thesharded storage databases (e.g., utilizing an index table to directmessage distribution servers 107A-107N to retrieve the appropriatemessages disseminated within the corresponding communication channel),and are transmitted from the message distribution servers 107A-107N tothe interface computing entity 109, which directs all messages destinedfor respective ones of the client devices 101A-101N, and transmits allof those messages to the client devices 101A-101N over appropriateconnections (e.g., websocket connections).

Example Apparatuses Utilized with Various Embodiments

Each message distribution server 107 may be embodied by one or morecomputing systems, such as apparatus 200 shown in FIG. 2. The apparatus200 may include processor 202, memory 204, input/output circuitry 206,communications circuitry 208, and message amplifier circuitry 210. Theapparatus 200 may be configured to execute the operations describedherein with respect to FIGS. 1-9. Although these components 202-210 aredescribed with respect to functional limitations, it should beunderstood that the particular implementations necessarily include theuse of particular hardware. It should also be understood that certain ofthese components 202-210 may include similar or common hardware. Forexample, two sets of circuitries may both leverage use of the sameprocessor, network interface, storage medium, or the like to performtheir associated functions, such that duplicate hardware is not requiredfor each set of circuitries.

In some embodiments, the processor 202 (and/or co-processor or any otherprocessing circuitry assisting or otherwise associated with theprocessor) may be in communication with the memory 204 via a bus forpassing information among components of the apparatus. The memory 204 isnon-transitory and may include, for example, one or more volatile and/ornon-volatile memories. In other words, for example, the memory 204 maybe an electronic storage device (e.g., a computer-readable storagemedium). The memory 204 may be configured to store information, data,content, applications, instructions, or the like for enabling theapparatus to carry out various functions in accordance with exampleembodiments of the present invention.

The processor 202 may be embodied in a number of different ways and may,for example, include one or more processing devices configured toperform independently. In some preferred and non-limiting embodiments,the processor 202 may include one or more processors configured intandem via a bus to enable independent execution of instructions,pipelining, and/or multithreading. The use of the term “processingcircuitry” may be understood to include a single core processor, amulti-core processor, multiple processors internal to the apparatus,and/or remote or “cloud” processors.

In some preferred and non-limiting embodiments, the processor 202 may beconfigured to execute instructions stored in the memory 204 or otherwiseaccessible to the processor 202. In some preferred and non-limitingembodiments, the processor 202 may be configured to execute hard-codedfunctionalities. As such, whether configured by hardware or softwaremethods, or by a combination thereof, the processor 202 may represent anentity (e.g., physically embodied in circuitry) capable of performingoperations according to an embodiment of the present invention whileconfigured accordingly. Alternatively, as another example, when theprocessor 202 is embodied as an executor of software instructions, theinstructions may specifically configure the processor 202 to perform thealgorithms and/or operations described herein when the instructions areexecuted.

As just one example, the processor 202 may be configured to maintain oneor more communication channels connecting a plurality of client devices101A-101N to enable message sharing/dissemination therebetween. Theprocessor 202 ensures that messages intended for exchange between theclient devices 101A-101N within the particular communication channel areproperly disseminated to those client devices 101A-101N for displaywithin respective display windows provided via the client devices101A-101N.

Moreover, the processor 202 may be configured to synchronize messagesexchanged on a particular communication channel with a database forstorage and/or indexing of messages therein. The database may utilizeany of a variety of database storage and indexing methodologies, such asthose associated with MySQL, Vitess, and/or the like. In certainembodiments, the processor 202 may provide stored and/or indexedmessages (e.g., indexed based on key data corresponding to the messageand associated database shard to which the message is indexed) to theinterface computing entity 109 for dissemination to client devices101A-101N. The processor 202 may additionally be configured to maintaina reference (e.g., a data table) for indicating where messages relatingto particular communication channels are stored. Because data may besharded to a plurality of discrete storage locations based on channelidentifier, the processor 202 may be configured to direct messages tothe appropriate storage location once received, and to direct messagesfrom particular database shards to appropriate client devices todisseminate messages exchanged within a particular communicationchannel.

The database may be embodied as a plurality of physically discrete datastorage areas (e.g., each defining one or more database shards), eachwith unique defining characteristics. For example, each physicaldiscrete data storage area may have an associated physical location, anassociated unique identifier, and/or the like. These physically discretedata storage areas may be configured for operating as a cohesive storageunit that may be accessed, for example, by one or more messagedistribution servers 107A-107N. Moreover, the group-based communicationplatform 105 may be configured for storing related data, such asmessages exchanged within a common communication channel, within acommon discrete data storage device. This storage strategy, referred toherein as database sharding, may utilize a plurality of data tables formanaging access to the data stored in corresponding database shards(e.g., each shard being utilized to store data relating to a particularcommunication channel). These data tables may utilize one or more keys(e.g., as utilized in Vitess data storage strategies) to createinter-table references, and to maintain an indication of specificstorage locations for data (e.g., storage locations corresponding toparticular communication channels). Thus, a plurality of communicationchannels relating to a single group may be stored within database shardson a plurality of physically discrete database storage devices, therebyenabling horizontal scaling of data stored for a particular group.

In some embodiments, the apparatus 200 may include input/outputcircuitry 206 that may, in turn, be in communication with processor 202to provide output to the user and, in some embodiments, to receive anindication of a user input. The input/output circuitry 206 may comprisea user interface and may include a display, and may comprise a web userinterface, a mobile application, a client device, a kiosk, or the like.In some embodiments, the input/output circuitry 206 may also include akeyboard, a mouse, a joystick, a touch screen, touch areas, soft keys, amicrophone, a speaker, or other input/output mechanisms. The processorand/or user interface circuitry comprising the processor may beconfigured to control one or more functions of one or more userinterface elements through computer program instructions (e.g., softwareand/or firmware) stored on a memory accessible to the processor (e.g.,memory 204, and/or the like).

The communications circuitry 208 may be any means such as a device orcircuitry embodied in either hardware or a combination of hardware andsoftware that is configured to receive and/or transmit data from/to anetwork and/or any other device, circuitry, or module in communicationwith the apparatus 200. In this regard, the communications circuitry 208may include, for example, a network interface for enablingcommunications with a wired or wireless communication network. Forexample, the communications circuitry 208 may include one or morenetwork interface cards, antennae, buses, switches, routers, modems, andsupporting hardware and/or software, or any other device suitable forenabling communications via a network. Additionally or alternatively,the communications circuitry 208 may include the circuitry forinteracting with the antenna/antennae to cause transmission of signalsvia the antenna/antennae or to handle receipt of signals received viathe antenna/antennae.

Message amplifier circuitry 210 includes hardware configured to copy andamplify electronic messages and associated metadata received from one ormore client devices 101A-101N to other client devices 101A-101N based ondatabase shard(s). The message amplifier circuitry 210 may utilizeprocessing circuitry, such as the processor 202, to perform theseactions. However, it should also be appreciated that, in someembodiments, the message amplifier circuitry 210 may include a separateprocessor, specially configured Field Programmable Gate Array (FPGA), orApplication Specific Integrated Circuit (ASIC) for performing thefunctions described herein. The message amplifier circuitry 210 may beimplemented using hardware components of the apparatus configured byeither hardware or software for implementing these planned functions.

It is also noted that all or some of the information discussed hereincan be based on data that is received, generated and/or maintained byone or more components of apparatus 200. In some embodiments, one ormore external systems (such as a remote cloud computing and/or datastorage system) may also be leveraged to provide at least some of thefunctionality discussed herein.

In the illustrated embodiment of FIG. 3, the interface computing entity109 is embodied by one or more computing systems encompassing apparatus300. The illustrated apparatus 300 includes processor 301, memory 303,input/output circuitry 305, and communications circuitry 307. Theapparatus 300 may be configured to execute the operations describedherein with respect to FIGS. 1-9. Although these components 301-307 aredescribed with respect to functional limitations, it should beunderstood that the particular implementations necessarily include theuse of particular hardware. It should also be understood that certain ofthese components 301-307 may include similar or common hardware. Forexample, two sets of circuitries may both leverage use of the sameprocessor, network interface, storage medium, or the like to performtheir associated functions, such that duplicate hardware is not requiredfor each set of circuitries.

In some embodiments, the processor 301 (and/or co-processor or any otherprocessing circuitry assisting or otherwise associated with theprocessor) may be in communication with the memory 303 via a bus forpassing information among components of the apparatus. The memory 303 isnon-transitory and may include, for example, one or more volatile and/ornon-volatile memories. In other words, for example, the memory 303 maybe an electronic storage device (e.g., a computer-readable storagemedium). The memory 303 may be configured to store information, data,content, applications, instructions, or the like for enabling theapparatus 300 to carry out various functions in accordance with exampleembodiments of the present invention. For example, the memory 303 may beconfigured to cache messages exchanged on one or more group-basedcommunication channels, such that the processor 301 may provide variousmessages to client devices (e.g., on an as needed or as requestedbasis).

In some preferred and non-limiting embodiments, the processor 301 may beconfigured to execute instructions stored in the memory 303 or otherwiseaccessible to the processor 301. In some preferred and non-limitingembodiments, the processor 301 may be configured to execute hard-codedfunctionalities. As such, whether configured by hardware or softwaremethods, or by a combination thereof, the processor 301 may represent anentity (e.g., physically embodied in circuitry) capable of performingoperations according to an embodiment of the present invention whileconfigured accordingly. Alternatively, as another example, when theprocessor 301 is embodied as an executor of software instructions, theinstructions may specifically configure the processor 301 to perform thealgorithms and/or operations described herein when the instructions areexecuted.

In some embodiments, the apparatus 300 may include input/outputcircuitry 305 that may, in turn, be in communication with processor 301to provide output to the user and, in some embodiments, to receive anindication of a user input. The input/output circuitry 305 may comprisea user interface and may include a display, and may comprise a web userinterface, a mobile application, a client device, a kiosk, or the like.In some embodiments, the input/output circuitry 305 may also include akeyboard, a mouse, a joystick, a touch screen, touch areas, soft keys, amicrophone, a speaker, or other input/output mechanisms.

The communications circuitry 307 may be any means such as a device orcircuitry embodied in either hardware or a combination of hardware andsoftware that is configured to receive and/or transmit data from/to anetwork and/or any other device, circuitry, or module in communicationwith the apparatus 300. In this regard, the communications circuitry 307may include, for example, a network interface for enablingcommunications with a wired or wireless communication network. Forexample, the communications circuitry 307 may include one or morenetwork interface cards, antennae, buses, switches, routers, modems, andsupporting hardware and/or software, or any other device suitable forenabling communications via a network. Additionally or alternatively,the communications circuitry 307 may include the circuitry forinteracting with the antenna/antennae to cause transmission of signalsvia the antenna/antennae or to handle receipt of signals received viathe antenna/antennae.

It is also noted that all or some of the information discussed hereincan be based on data that is received, generated and/or maintained byone or more components of apparatus 300. In some embodiments, one ormore external systems (such as a remote cloud computing and/or datastorage system) may also be leveraged to provide at least some of thefunctionality discussed herein.

Moreover, although the interface computing entity 109 is shown withinthe bounds of the group-based communication platform 105, it should beunderstood that the interface computing entity 109 may be embodied as anedge-based computing device in communication with aspects of thegroup-based communication platform 105 via a communication network 103.Such embodiments may comprise a plurality of interface computingentities 109 that are geographically distributed, and such interfacecomputing entities 109 may be configured for communicating with clientdevices 101A-101N within a geographic range proximate a respectiveinterface computing entity 109.

The term “circuitry” should be understood broadly to include hardwareand, in some embodiments, software for configuring the hardware. Withrespect to components of each apparatus 200, 300, the term “circuitry”as used herein should therefore be understood to include particularhardware configured to perform the functions associated with theparticular circuitry as described herein. For example, in someembodiments, “circuitry” may include processing circuitry, storagemedia, network interfaces, input/output devices, and the like. In someembodiments, other elements of the apparatus 200 may provide orsupplement the functionality of particular circuitry. For example, theprocessor 202 may provide processing functionality, the memory 204 mayprovide storage functionality, the communications circuitry 208 mayprovide network interface functionality, and the like. Similarly, otherelements of the apparatus 300 may provide or supplement thefunctionality of particular circuitry. For example, the processor 301may provide processing functionality, the memory 303 may provide storagefunctionality, the communications circuitry 307 may provide networkinterface functionality, and the like.

As will be appreciated, any such computer program instructions and/orother type of code may be loaded onto a computer, processor or otherprogrammable apparatus's circuitry to produce a machine, such that thecomputer, processor or other programmable circuitry that execute thecode on the machine creates the means for implementing variousfunctions, including those described herein.

As described above and as will be appreciated based on this disclosure,embodiments of the present invention may be configured as methods,mobile devices, backend network devices, and the like. Accordingly,embodiments may comprise various means including entirely of hardware orany combination of software and hardware. Furthermore, embodiments maytake the form of a computer program product on at least onenon-transitory computer-readable storage medium having computer-readableprogram instructions (e.g., computer software) embodied in the storagemedium. Any suitable computer-readable storage medium may be utilizedincluding non-transitory hard disks, CD-ROMs, flash memory, opticalstorage devices, or magnetic storage devices.

Moreover, although not shown, various embodiments of a group-basedcommunication platform may comprise one or more databases configured forstoring and/or indexing messages exchanged within various group-basedcommunication channels.

Example Implementation

The group-based communication platform 105 is configured to supportcommunications within a plurality of different communication channels,each of which may be utilized to exchange messages between a differentplurality of users (and their associated user devices 101A-101N), andeach plurality of users may be associated with a different team orgroup. The group-based communication platform 105 is thus configured formanaging access to each of those communication channels such thatcommunication channels associated with particular groups may be isolatedand inaccessible to users not associated with the particular groups.Because communication channels (and the messages exchanged therein) arestored in various database shards that may not be grouped based on groupidentifiers, the group-based communication platform 105 utilizes aplurality of data tables for managing associations between variouscommunication channels (e.g., for managing associations amongcommunication channels operating within a particular group) and formanaging user access to data stored in association with thosecommunication channels. Moreover, one or more of these data tablesfurther manages user memberships within individual channels, toassociate users (and their associated user profiles) with communicationchannels for which the users are members.

These data tables further correlate particular group-based communicationchannels with particular groups (and/or enterprises, which may sharevarious characteristics with the group designation, including thecapability to be correlated with individual group-based communicationchannels via groups-channels data tables). This group-channelcorrelation is further utilized for managing user access to particularchannels, and for applying group- (or enterprise-) specific parametersto individual communication channels. In certain embodiments, theseparameters may be applied channel-wide, such that they apply to allmembers of a particular channel. In other embodiments, the parametersmay be applied for members of a particular group within a channel, suchthat different members of a channel may be subject to differentgroup-specific parameters if a channel is shared across multiple groups.Such implementations may result in different members of a communicationchannel having a different user experience (as impacted via a userdevice 101A-101N).

Communication Channel Storage for an Enterprise

As discussed above, an enterprise may comprise a plurality of subgroupsand a plurality of users, and several communication channels may beestablished between members of the enterprise (and/or with users outsideof the enterprise). Thus, the enterprise structure provides ahierarchical structure associated with a particular group, in which anenterprise (of which all users associated with the group may be a memberof) may encompass a plurality of subgroups (of which a subset of usersassociated with the group may be a member of). Communication channelsmay be associated with the enterprise or with one or more subgroups andmay still be accessible only to users associated with the groupcorresponding to the enterprise. Because communication channels arestored within a plurality of physically disparate database shards, thegroup-based communication platform 105 utilizes a plurality of datatables to relate communication channels with related groups (andenterprises), to relate communication channels with users, and to relateusers with groups, subgroups, and/or enterprises.

The data tables utilized to relate communication channels withparticular groups (and enterprises) may be stored in one or more group-(or enterprise-) specific database shards. Moreover, these group- (orenterprise-) specific database shards may be configured for storinggroup- (or enterprise-) specific policies applicable to communicationchannels associated with the group (or enterprise). In certainembodiments, these group- (or enterprise-) specific policies may beenacted for specific channels by referencing these group- (orenterprise-) specific policies when providing channel-specific data toparticular user devices 101A-101N. In such embodiments, multiple sets ofgroup- (or enterprise-) specific policies may be applied to a particularchannel, particularly when members of the channel are also members ofdiffering groups. Thus, when providing channel-specific data to a userdevice 101 associated with a given user, the user's membership in aparticular group may be determined, and group- (or enterprise-) specificpolicies may be retrieved for the transmission to the particular userdevice 101.

In other embodiments, group- (or enterprise-) specific policies may beapplied to particular communication channels by storing those group- (orenterprise-) specific policies within a channel-specific database shardassociated with the channel. For example, when first generating acommunication channel, the channel may be associated with one or moregroups, and the group- (or enterprise-) specific policies may beidentified and provided for storage within a channel-specific shardgenerated for the communication channel.

Notably, communication channels are related to groups (and/orenterprises) through a groups-channels data table such as that shown inFIG. 9. The groups-channels data table enables the group-basedcommunication platform 105 to identify all of those channels that areassociated with a particular group and their respective database shardstorage location. By using the unique channel identifier to obtainadditional data regarding each of those channels within a channels datatable (such as that shown in FIG. 7), the group-based communicationplatform 105 may then retrieve data indicative of characteristics ofeach of those channels, as well as data indicative of the physicalstorage location of the database shard where the communication channelis stored. Thus, all channels associated with a given group (orenterprise) need not be stored in a common database storage location tobe associated within the group-based communication platform 105.Moreover, utilizing a unique group identifier from the groups-channelsdata table to extract group-specific data from the group data tableenables the group-based communication platform 105 to identifyrelationships between individual groups and larger enterprises. Thus, acommunication channel identified as associated with a group may also beassociated with an enterprise to which the group relates.

The group-based communication platform 105 may be configured to generatea complete listing of all communication channels associated with aparticular group (or enterprise) based on the established relationshipsbetween channels and groups; and between groups and enterprises withinthe groups-channels data table and the group data table. Moreover, thegroup-based communication platform 105 may be configured to supplementthe listing of channels associated with particular group (or enterprise)with data indicative of the storage location of each of thosecommunication channels (e.g., based on Vitess keys), which may span aplurality of database shards.

Relationships between users and channels and between users and groupsmay be established and maintained based on other data tables utilized toestablish user membership within individual communication channels, toestablish eligibility to join other channels associated with the user'sgroup (or enterprise), and/or to establish eligibility to generatechannels associated with the user's group (or enterprise). For example,a channel-member data table (such as that shown in FIG. 6) may beutilized to establish a listing of members within a given channel. Thegroup-based communication platform 105 may thus utilize this listing ofchannel members to determine which client devices 101A-101N are toreceive messages exchanged within individual channels. Moreover, theusers-group data table (such as that shown in FIG. 5) may be utilized bythe group-based communication platform 105 to establish eligibility ofvarious members to join individual communication channels. For example,a user may only be eligible to join a communication channel if the useris a member of a group that is associated with the communication channel(in certain embodiments, privacy settings of a particular communicationchannel may establish additional criteria for a user to join aparticular communication channel). Those communication channelsassociated with groups that the user is not a member of are notavailable for the user to join. For added security, the group-basedcommunication channel 105 is configured such that a user is not able tosee or even know of the existence of communication channels that are notassociated with the user's group(s), subgroup(s), and/or enterprise.

Moreover, the group-based communication platform 105 may be configuredto utilize additional user data from a users data table to populate dataassociated with particular messages exchanged within a communicationchannel, and/or to provide external messages to the user, viaalternative contact information (e.g., an email address).

Communication Channel Creation

The group-based communication platform is configured to create newcommunication channels—and corresponding channel-based databaseshards—upon receipt of a communication channel creation request from aclient device corresponding with a user having channel creationauthorization. In certain embodiments, a graphical user interface asdescribed herein, provided to a user via a client device 101 may beconfigured such that only users that are authorized for channel creationhave interactive user interface elements configured for initializing thechannel creation process. In other embodiments, all user interfacespresented to any user (regardless of channel creation authorizationprivileges) comprises channel creation user interface elements. However,the group-based communication platform 105 may be configured to preventunauthorized users from creating any channels.

In certain embodiments, a channel creation process may vary depending onwhether the channel is to be utilized within a single group, within asingle enterprise, across groups within a single enterprise, or betweenmultiple groups existing within multiple enterprises.

Generating an intra-group communication channel may proceed inaccordance with the flowchart of FIG. 10. As shown therein, the processmay begin as shown at Block 1001, in which a user requests to generate anew communication channel and the request is transmitted to agroup-based communication platform 105. The user may interact with acorresponding element of a client device 101 user interface, such as aninteractive button requesting to generate a communication channel. Incertain embodiments, as a part of the initial communication channelcreation request, the client device 101 may present one or moreinteractive fillable-fields for the user to provide various desiredchannel settings and/or characteristics, such as a channel name, achannel topic, one or more initial users to invite to join the channel,one or more groups to be associated with the channel, whether thechannel is to be public or private, and/or the like. Upon receipt ofuser input for each of these channel characteristics, the client device101 may provide this channel creation data to the group-basedcommunication platform 105 within a channel creation request. Forintra-group channels, the channel creation request identifies a singlegroup to be associated with the channel.

Upon receipt of the channel creation request at the group-basedcommunication platform 105, the user's authorization credentials forcreating a channel are checked to determine whether the user isauthorized to initiate the creation of the requested channel.

To check the user's credentials, the group-based communication platform105 retrieves a user record within a users table stored therein. Incertain embodiments, data corresponding to the user, including a userprofile for the user, may be stored within a database shardcorresponding to the particular user. In these and other embodiments,the user profile may be identified by the group-based communicationplatform based on a user identifier included with the channel creationrequest. In certain embodiments, upon determining that the user is notauthorized to generate the requested channel, the group-basedcommunication platform transmits a denial message to the client device101, which may display the denial request to the user and the processends.

Upon determining that the user is authorized to initiate the creation ofa new intra-group communication channel, the group-based communicationplatform determines whether the requested channel settings comply withapplicable enterprise-specific policies. As indicated at Block 1002, thegroup-based communication platform 105 retrieves applicableenterprise-specific policies for the channel creation request. Thegroup-based communication platform 105 identifies a group to beassociated with the requested channel within the channel creationrequest, and looks up applicable enterprise policies via one or moregroup data tables (which link groups with corresponding enterprises, asindicated herein). Upon identifying applicable enterprise policies, thegroup-based communication platform 105 retrieves those enterprisepolicies from a corresponding enterprise-specific database shard, andcompares those enterprise policies against the requested channelsettings identified within the channel creation request. In certainembodiments, the group-based communication platform 105 mayautomatically adjust one or more channel settings to comply withenterprise-specific policies (upon determining that those channelsettings are not in compliance with applicable enterprise-specificpolicies). The group-based communication platform 105 may furtherprovide an indication of the changed channel settings to the requestingclient device 101 for presentation to the user. In other embodiments,the group-based communication platform 105 may request that the useradjust any channel settings that are not in compliance with applicableenterprise policies prior to proceeding to generate the newcommunication channel.

In certain embodiments, the group-based communication platform 105 mayfurther determine whether the user requesting to create the channel isan administrator associated with the group to which the requestedchannel is to be assigned. For example, the group-based communicationplatform 105 may retrieve data from a group-specific database shard toidentify a user identifier indicated as being an administrator for thegroup. The group-based communication platform may then compare the useridentified received as a part of the channel creation request againstthe user identifier indicated as being the administrator for theapplicable group. Upon determining that the user is not anadministrator, the group-based communication platform may transmit anapproval request to the identified group administrator to approve ordeny the channel creation request. If the administrator denies thechannel creation request, the process may end. However, if theadministrator approves the channel creation request, the processproceeds as discussed herein.

As shown at Block 1003, upon determining that the requested channelsettings comply with applicable enterprise-specific policies, thegroup-based communication platform 105 proceeds to create a new databaseshard for the requested channel. The group-based communication platform105 may generate appropriate partitions within available (unused orunderused) database storage devices to define a discrete database shardfor the new channel. The group-based communication platform 105 may thenpopulate the newly generated database shard with channel-specific data,such as the channel settings provided within the channel creationrequest as indicated at Block 1004.

The group-based communication platform 105 may additionally update oneor more data tables to provide data indicative of the channel (e.g., achannels data table) and for associating users with the newly generatedchannel (a channel-member data table) and associating the channel withan applicable group and enterprise for the channel (a groups-channelsdata table), as indicated at Block 1005. This process may additionallycomprise updating one or more user-specific database shards to providean appropriate indication of the user's membership in the newlygenerated channel, and/or updating one or more group-specific databaseshards to provide an appropriate indication that the newly generatedcommunication channel is available for users in a particular group. Incertain embodiments, updating the user-specific database shards and/orthe group-specific database shards causes updates to graphical userinterfaces provided to users (via corresponding client devices101A-101N) to indicate the availability of the newly generatedcommunication channel for use.

Moreover, the group-based communication platform 105 is configured togenerate and transmit invitations to join the newly createdcommunication channels to other users listed within the channel creationrequest. Those users may be given the option to accept or decline theinvitation to join. In other embodiments, the group-based communicationplatform 105 may automatically add those identified users as members ofthe newly generated channel. As a part of adding those users as membersof the channel, the group-based communication platform updatesuser-specific database shards corresponding to each of those users toreflect the newly generated membership in the channel. In otherembodiments, corresponding updates may be made to data inchannel-specific database shards to update the membership listing forthe particular channel.

Because enterprises are monitored and treated similarly as other groups,the process for generating an intra-enterprise channel available for allmembers associated with the particular enterprise (regardless ofmembership in groups nested within those enterprises) proceeds asdescribed above for intra-group channels. The generated whole-enterprisechannels have corresponding channel-specific database shards, and areassociated with the group identifier for the particular enterprise.Thus, users associated with the same enterprise may have access to thewhole-enterprise channel (assuming those members satisfy any applicablemembership criteria, which may be identified within the channelsettings). In certain embodiments, different criteria may apply todetermine whether a user is authorized to generate a whole-enterprisechannel as opposed to a channel associated with a particular group.Accordingly, when determining whether the user has authorization togenerate the requested channel, the group-based communication platform105 may query an enterprise-specific set of criteria for determiningwhether the user is authorized to generate a whole-enterprisecommunication channel (e.g., the enterprise-specific set of criteria mayinclude a whitelist of a blacklist of users identified as authorized togenerate a whole-enterprise channel, or users identified as unauthorizedto generate a whole-enterprise channel, respectively).

The process for generating an inter-group, intra-enterprise channel isdescribed with reference to FIG. 11, which illustrates howenterprise-specific parameters remain applicable in cross-groupchannels. The process discussed in reference to FIG. 11 results in thecreation of a channel available for access to members of a plurality ofdiscrete, identified groups all relating to a single enterprise. Inother words, only a subset of a particular enterprise's groups may berelated to the generated channel.

As shown at Block 1101, a user requests to initiate creation of a newcommunication channel via a corresponding client device 101, and theuser provides various channel characteristics, such as a channel name, achannel topic, one or more initial users to invite to join the channel,one or more groups to be associated with the channel, whether thechannel is to be public or private, and/or the like. Upon receipt ofuser input for each of these channel characteristics, the client device101 may provide this channel creation data to the group-basedcommunication platform 105 within a channel creation request. Forinter-group channels, the channel creation request identifies aplurality of groups to be associated with the channel. For inter-group,intra-enterprise channel creation requests, the identified plurality ofgroups within the channel creation request are associated with a single,common enterprise. Upon receipt of the channel creation request at thegroup-based communication platform 105, the user's authorizationcredentials for generating a channel are checked to determine whetherthe user is authorized to generate the requested channel. To check theuser's credentials, the group-based communication platform 105 retrievesa user record within a users table stored therein. In certainembodiments, data corresponding to the user, including a user profilefor the user, may be stored within a database shard corresponding to theparticular user. In these and other embodiments, the user profile may beidentified by the group-based communication platform based on a useridentifier included with the channel creation request. In certainembodiments, upon determining that the user is not authorized toinitiate the creation of the requested channel, the group-basedcommunication platform transmits a denial message to the client device101, which may display the denial request to the user and the processends.

Upon determining that the user is authorized to initiate the creation ofa new inter-group, intra-enterprise communication channel, thegroup-based communication platform determines whether the requestedchannel settings comply with applicable enterprise-specific policies. Asindicated at Block 1102, the group-based communication platform 105retrieves applicable enterprise-specific policies for the channelcreation request. The group-based communication platform 105 identifiesgroups to be associated with the requested channel within the channelcreation request, and looks up applicable enterprise policies via groupsdata tables (which link groups with corresponding enterprises, asindicated herein). Upon identifying applicable enterprise policies, thegroup-based communication platform 105 retrieves those enterprisepolicies from a corresponding enterprise-specific database shard, andcompares those enterprise policies against the requested channelsettings identified within the channel creation request. In certainembodiments, the group-based communication platform 105 mayautomatically adjust one or more channel settings to comply withenterprise-specific policies (upon determining that those channelsettings are not in compliance with applicable enterprise-specificpolicies). The group-based communication platform 105 may furtherprovide an indication of the changed channel settings to the requestingclient device 101 for presentation to the user. In other embodiments,the group-based communication platform 105 may request that the useradjust any channel settings that are not in compliance with applicableenterprise policies prior to proceeding to generate the newcommunication channel.

In certain embodiments, the group-based communication platform 105 mayfurther determine whether the user requesting to create the channel isan administrator associated with one of the groups to which therequested channel is to be assigned. For example, the group-basedcommunication platform 105 may retrieve data from a group-specificdatabase shard to identify a user identifier indicated as being anadministrator for each group identified within the channel creationrequest. The group-based communication platform may then compare theuser identified received as a part of the channel creation requestagainst the user identifiers indicated as being the administrators forthe applicable groups. Upon determining that the user is not anadministrator, the group-based communication platform may transmit anapproval request to each of the identified group administrators toapprove or deny the channel creation request. Even upon determining thatthe user is an administrator of a subset of the identified groups, thegroup-based communication platform 105 transmits an approval request toeach of the other identified group administrators to approve or deny thechannel creation request. If one or more of the identifiedadministrators deny the channel creation request, the process may end.However, if all of the identified administrators approve the channelcreation request, the process proceeds as discussed herein.

As shown at Block 1103, upon determining that the requested channelsettings comply with applicable enterprise-specific policies, thegroup-based communication platform 105 proceeds to generate a newdatabase shard for the requested channel. The group-based communicationplatform 105 may generate appropriate partitions within available(unused or underused) database storage devices to define a discretedatabase shard for the new channel. The group-based communicationplatform 105 may then populate the newly generated database shard withchannel-specific data, such as the channel settings provided within thechannel creation request as indicated at Block 1104.

The group-based communication platform 105 may additionally update oneor more data tables to identify the newly created channel (e.g., achannels data table), for associating users with the newly generatedchannel (e.g., a channel-member data table), and for associating thechannel with the applicable groups and enterprise for the channel (e.g.,a groups-channels data table), as indicated at Block 1105. This processmay additionally comprise updating one or more user-specific databaseshards to provide an appropriate indication of the user's membership inthe newly generated channel, and/or updating a plurality ofgroup-specific database shards to provide an appropriate indication thatthe newly generated communication channel is available for users in theparticular groups. Because the channel is associated with a plurality ofgroups, the data linking the channel with groups is present in aplurality of group-specific database shards. As a result, agroups-channels data table may include a plurality of table entrieslinking the channel with groups, with each table entry linking the newlygenerated channel with a single group. In certain embodiments, updatingthe user-specific database shards and/or the group-specific databaseshards causes updates to graphical user interfaces provided to users(via corresponding client devices 101A-101N) to indicate theavailability of the newly generated communication channel for use.

Moreover, the group-based communication platform 105 is configured togenerate and transmit invitations to join the newly generatedcommunication channels to other users listed within the channel creationrequest. Those users may be given the option to accept or decline theinvitation to join. In other embodiments, the group-based communicationplatform 105 may automatically add those identified users as members ofthe newly generated channel. As a part of adding those users as membersof the channel, the group-based communication platform updatesuser-specific shards corresponding to each of those users to reflect thenewly generated membership in the channel. In other embodiments,corresponding updates may be made to data in channel-specific shards toupdate the membership listing for the particular channel.

Creation of an inter-group, inter-enterprise channel is described withreference to FIG. 12. The process discussed in reference to FIG. 12results in the creation of a channel available for access to members ofa plurality of discrete, identified groups relating to separateenterprises. In other words, users associated with different enterprisesmay access the created channel so long as those users are associatedwith groups linked with the particular channel. It should be understoodthat identical processes may be utilized for creating aninter-enterprise channel available to all users of each of a pluralityof enterprises.

As shown in Block 1201, a user requests to create a new communicationchannel via a corresponding client device 101, and the user providesvarious channel characteristics, such as a channel name, a channeltopic, one or more initial users to invite to join the channel, one ormore groups to be associated with the channel, one or more enterprisesto be associated with the channel, whether the channel is to be publicor private, and/or the like. Upon receipt of user input for each ofthese channel characteristics, the client device 101 may provide thischannel creation data to the group-based communication platform 105within a channel creation request. For inter-group, inter-enterprisechannels, the channel creation request identifies a plurality of groupsto be associated with the channel and a plurality of enterprises to beassociated with the channel. Upon receipt of the channel creationrequest at the group-based communication platform 105, the user'sauthorization credentials for generating a channel are checked todetermine whether the user is authorized to initiate the creation of therequested channel (it should be understood that certain users may beauthorized to initiate the creation of intra-enterprise channels but notto initiate the creation of inter-enterprise channels). To check theuser's credentials, the group-based communication platform 105 retrievesa user record within a users data table stored therein. In certainembodiments, data corresponding to the user, including a user profilefor the user, may be stored within a database shard corresponding to theparticular user. In these and other embodiments, the user profile may beidentified by the group-based communication platform based on a useridentifier included with the channel creation request. In certainembodiments, upon determining that the user is not authorized togenerate the requested channel, the group-based communication platformtransmits a denial message to the client device 101, which may displaythe denial request to the user and the process ends.

Upon determining that the user is authorized to initiate the creation ofa new inter-group, inter-enterprise communication channel, thegroup-based communication platform determines whether the requestedchannel settings comply with applicable enterprise-specific policies foreach of the plurality of enterprises associated with the channel. Asindicated at Block 1202, the group-based communication platform 105retrieves applicable enterprise-specific policies for the channelcreation request. The group-based communication platform 105 identifiesgroups to be associated with the requested channel within the channelcreation request, and looks up applicable enterprise policies via groupdata tables (which link groups with corresponding enterprises, asindicated herein). Upon identifying applicable enterprise policies forthe plurality of enterprises associated with the channel creationrequest, the group-based communication platform 105 retrieves thoseenterprise policies from corresponding enterprise-specific databaseshards, and compares those enterprise policies against the requestedchannel settings identified within the channel creation request. Incertain embodiments, the group-based communication platform 105 mayautomatically adjust one or more channel settings to comply withenterprise-specific policies (upon determining that those channelsettings are not in compliance with applicable enterprise-specificpolicies for at least one of the identified enterprises). Thegroup-based communication platform 105 may further provide an indicationof the changed channel settings to the requesting client device 101 forpresentation to the user. In other embodiments, the group-basedcommunication platform 105 may request that the user adjust any channelsettings that are not in compliance with applicable enterprise policiesprior to proceeding to generate the new communication channel.

In certain embodiments, a single channel may be associated with aplurality of sets of channel settings to comply with enterprise-specificpolicies for a plurality of enterprises. In such embodiments, thechannel settings may be applied when providing data to particular clientdevices 101A-101N depending on associations between the client device101 (and the associated user) and groups/enterprises. For example, afirst client device 101 associated with a first enterprise may besubject to a first set of channel settings, and a second client device101 associated with a second enterprise may be subject to a second setof channel settings. These one-sided sets of channel settings may definevarious characteristics of the channel as experienced by users. Forexample, the channel settings may define whether emojis are availablefor use in the channel (users accessing the channel from the perspectiveof a first enterprise may be able to view shared emojis, and usersaccessing the channel from the perspective of a second enterprise maysee emojis as a placeholder character (e.g., a blank square, a squarewith an included question mark, and/or the like), may define how data istransmitted to client devices, whether particular external apps areaccessible to the users within the channel, and/or the like.

In certain embodiments, the group-based communication platform 105 mayfurther determine whether the user requesting to create the channel isan administrator associated with one of the groups (and/or enterprises)to which the requested channel is to be assigned. For example, thegroup-based communication platform 105 may retrieve data from agroup-specific database shard to identify a user identifier indicated asbeing an administrator for each group identified within the channelcreation request. The group-based communication platform may thencompare the user identified received as a part of the channel creationrequest against the user identifiers indicated as being theadministrators for the applicable groups. Upon determining that the useris not an administrator, the group-based communication platform maytransmit an approval request to each of the identified groupadministrators to approve or deny the channel creation request. Evenupon determining that the user is an administrator of a subset of theidentified groups, the group-based communication platform 105 transmitsan approval request to each of the other identified group administratorsto approve or deny the channel creation request. If one or more of theidentified administrators deny the channel creation request, the processmay end. However, if all of the identified administrators approve thechannel creation request, the process proceeds as discussed herein.

As shown at Block 1203, upon determining that the requested channelsettings comply with applicable enterprise-specific policies (and/orupon generating one-sided channel settings for each enterpriseassociated with the channel), the group-based communication platform 105proceeds to generate a new database shard for the requested channel. Thegroup-based communication platform 105 may generate appropriatepartitions within available (unused or underused) database storagedevices to define a discrete database shard for the new channel. Thegroup-based communication platform 105 may then populate the newlygenerated database shard with channel-specific data, such as the channelsettings provided within the channel creation request as indicated atBlock 1204.

The group-based communication platform 105 may additionally update oneor more data tables for identifying the newly created channel (e.g., achannels data table), for associating users with the newly generatedchannel (e.g., a channel-member data table), and for associating thechannel with the applicable groups and enterprise for the channel (e.g.,a groups-channels data table), as indicated at Block 1205. This processmay additionally comprise updating one or more user-specific databaseshards to provide an appropriate indication of the user's membership inthe newly created channel, and/or updating a plurality of group-specificdatabase shards to provide an appropriate indication that the newlycreated communication channel is available for users in the particulargroups. Because the channel is associated with a plurality of groups andenterprises, the data linking the channel with groups is present in aplurality of group-specific database shards. As a result, agroups-channels data table may include a plurality of table entrieslinking the channel with groups, with each table entry linking the newlygenerated channel with a single group. In certain embodiments, updatingthe user-specific database shards and/or the group-specific databaseshards causes updates to graphical user interfaces provided to users(via corresponding client devices 101A-101N) to indicate theavailability of the newly generated communication channel for use.

Moreover, the group-based communication platform 105 is configured togenerate and transmit invitations to join the newly createdcommunication channels to other users listed within the channel creationrequest. Those users may be given the option to accept or decline theinvitation to join. In other embodiments, the group-based communicationplatform 105 may automatically add those identified users as members ofthe newly created channel. As a part of adding those users as members ofthe channel, the group-based communication platform updatesuser-specific shards corresponding to each of those users to reflect thenewly generated membership in the channel. In other embodiments,corresponding updates may be made to data in channel-specific shards toupdate the membership listing for the particular channel.

In certain embodiments, channels may be converted between variouschannel types without changing the data storage location of thechannels. For example, a channels may be converted between intra-group,intra-enterprise channels; inter-group, intra-enterprise channels; andinter-group, inter-enterprise channels by simply adjusting channelsettings and/or removing or adding members of the channel. For example,channel characteristics may be modified (e.g., by a channel or groupadministrator) to add additional groups to be associated with a channel(either within a single enterprise or associated with multipleenterprises). Upon the additional of new groups having access to thechannel, the group-based communication platform 105 may review thechannel settings to determine whether those channels comply withapplicable enterprise policies for inter-group channels, and/or togenerate one or more approval requests for one or more groupadministrators relating to the groups that will have access to thechannel (e.g., the current group and/or the newly added group). Upondetermining that the channel complies with applicableenterprise-specific policies and, if applicable, approval has beenreceived from applicable group administrators, data stored in thechannel-specific database shard is updated to reflect the new groupassociations, and data stored in group-specific database shards areupdated to reflect the new channel access. Additional members may thenbe added from the newly added group, and data stored in user-specificdatabase shards may be updated to reflect the new channel membershiponce joined.

When removing a group from access to a particular channel, all membersof the group that are only associated with the group to be removed areremoved from the membership list of that channel. Moreover, thegroup-based communication platform 105 may be configured to requestauthorization to remove a group from the channel access listing from oneor more group administrators of groups associated with the channel. Incertain embodiments, the group-based communication platform may befurther configured to determine whether the channel remains incompliance with applicable enterprise-specific policies (e.g., policiesfor intra-group channels may differ from inter-group channels, andaccordingly changing the channel from an inter-group channel to anintra-group channel may subject the channel to different enterprisepolicies).

Moreover, when removing a group from access to a particular channel, thegroup-based communication platform 105 may update data within thechannel-specific database shard to remove the group therefrom, and toupdate data within the newly removed group's group-specific databaseshard to remove access indications from the group-specific databaseshard. Such updates may cause corresponding updates to groups-channelsdata tables reflecting the newly removed group.

In certain embodiments, the group-based communication platform 105 maybe configured to reassign a particular channel to an entirely new group.As just one example of where such a feature may be usable, a channeloriginally assigned to a particular group within an enterprise may bepromoted to be an all-enterprise channel. Thus, the channel may beoriginally associated with a single group identifier corresponding tothe original group, and the group-based communication platform 105 mayreplace the single group identifier with a group identifier associatedwith the enterprise. When making such a change, data stored in achannel-specific database shard may be updated to reflect the new groupidentifier associated with the channel, data within a group-specificdatabase shard corresponding to the original group may be updated toremove the channel identifier from association with the group, and datastored in a group-specific database shard corresponding to theenterprise (also known as an enterprise-specific database shard) may beupdated to reflect the addition of the channel identifier. Whereapplicable, the group-based communication platform may be furtherconfigured to update one or more user-specific database shards to removechannel membership from those user-specific database shards, if the useris not a member of the newly assigned group. However, following theabove example, where a user is a member of both the original groupassociated with the channel and the new group associated with thechannel, no data stored within a corresponding user-specific databaseshard need be updated. With specific reference to the above example(promoting a channel from group-specific to enterprise-wide), allmembers of the original group are also members of the enterprise,because the original group (and all of its members) were originallyassociated with the enterprise. Accordingly, all of the original membersof the channel remain members of the channel after the transition from agroup-specific channel to an enterprise-wide channel.

External Applications

In certain embodiments, one or more external applications may beinstalled and used in communication channels. These externalapplications may be installed in channel-specific database shards(subject to rules dictating whether enterprise policies enable theinstallation and/or use of such external applications), thereby enablingaccess to data stored therein by the external applications. In certainembodiments, these external applications may be at least partiallyexecutable via third-party computing systems, and in such casesinstallation of these external applications may comprise providing thethird party applications with a token enabling the external applicationto access data stored in the channel-specific database shard.

In certain embodiments, external applications may be further installedor otherwise associated with particular groups, enterprises, and/orusers. In such embodiments, external applications (or indicationsthereof) may be stored in corresponding group-specific database shards,enterprise-specific database shards, user-specific database shards,and/or the like. In such embodiments, to enable a particular externalapplication to be executable with respect to a particular channel, thegroup-based communication platform may utilize one or more data tablesassociating channels with particular groups, enterprises, and/or usersto determine whether a particular external application should be usablewith a particular channel, for a particular user. Thus, multiple usershaving access to the same communication channel may have access todifferent external applications for the particular channel. This may beparticularly applicable in inter-enterprise channels, in which eachenterprise may have access to different external applications for theirusers.

Access Management

The group-based communication platform 105 may be configured tofacilitate access management for particular users. Access management mayensure users maintain appropriate access privileges to particularchannels (and corresponding channel shards) associated with the users'group and/or enterprise membership and ensures that data exchangedwithin particular channels (and stored within corresponding channelshards) are disseminated to appropriate client devices 101 based atleast in part on channel membership of particular users. As a generalexample, users may have access to view (determine the existence of)and/or access to request to join channels associated with groups and/orenterprises for which the user is a member based at least in part on theuser's membership in particular groups and/or enterprises, as identifiedwithin a user-specific database shard corresponding to the individualuser. Moreover, the group-based communication platform 105 may befurther configured to disseminate messages and/or exchanged data withinparticular channels to particular client devices 101A-101N (and/or tootherwise provide access to messages and/or exchanged data withinparticular channels) based on channel memberships (e.g., as identifiedwithin the user-specific shards corresponding to particular useridentifiers associated with those particular client devices 101A-101N).

As noted above, channels may be reassigned to different groups,enterprises, and/or the like without moving corresponding,channel-specific database shards for those channels. Similarly, usersmay be assigned, reassigned, moved, and/or the like between and amongvarious channels, groups, enterprises, and/or the like withoutgenerating or moving user-specific database shards for the user.Finally, characteristics of groups, as well as assignments betweenparticular groups and enterprises may be easily modified as neededwithout changing the location of group-specific database shards forthose specific groups. Because relationships between users, groups,enterprises, and channels are dictated by relational data stored incorresponding database shards (and within corresponding relational datatables usable by the group-based communication platform 105), theserelationships may be easily modified by simply changing the contents ofthe relational data within appropriate storage locations.

Initiation of changes to relational data between users, groups,enterprises, and/or channels is initiated by a request generated at aclient device 101. In certain embodiments, administrators may haveaccess to access management functionalities of the group-basedcommunication platform 105, thereby enabling administrator users togenerate access management modification requests corresponding to thegroup, channel, and/or enterprise for which the user is assignedadministrative privileges. In other embodiments, all users (regardlessof administrative access privileges) may generate access managementrequests, although those access management requests may be subject tothe approval of one or more applicable administrative users for aparticular group, enterprise, and/or channel.

Access management requests relating to individual users may be generatedto add a user to a channel, to add a user to a group, to add a user toan enterprise, to remove a user from a channel, to remove a user from agroup, or to remove a user from an enterprise. It should be understoodthat combinations of these options may be utilized to “move” a user froma first group to a second group, from a first enterprise to a secondenterprise, and/or the like.

To add a new user to a channel, an access management request embodied asa channel access request may be generated at a client device 101 (e.g.,the client device 101 of the user requesting access to the channel). Incertain embodiments, the group-based communication interface isconfigured such that the client device 101 may only generate channelaccess requests for channels associated with the user's associatedgroup(s) and/or enterprise(s). In such embodiments, the group-basedcommunication interface is configured for providing a list to the userof available channels for which the user may request to join (this listmay comprise all available channels for which the user may request tojoin, or a subset of available channels, for example, complying with auser-provided channel query to search for one or more channels complyingwith the channel query). The user may provide user input to the clientdevice 101 selecting one of the displayed channels, which may generate achannel access request for the selected channel.

In certain embodiments, the displayed list of available channelscomprises at least a subset of channel settings reflected incorresponding channel database shards. Thus, when populating the list ofavailable channels, the group-based communication platform 105 generatesa composite listing of channels, including data obtained from each of aplurality of discrete database shards, based on the user's membership ingroup(s) and/or enterprise(s). The listing of available channelsincludes channels that are associated with one or more groups and/orenterprises for which the user is associated. The group-basedcommunication platform 105 is thus configured to obtain data of theuser's membership in particular groups and/or enterprises from theuser-specific database shard corresponding to the user (and/or fromgroup-specific database shards corresponding to various groups orenterprises).

The access management request may identify the user identifierrequesting access to the channel, and the channel identifier of therequested channel. This access management request may be transmitted tothe group-based communication platform 105, which is configured todetermine whether the user is authorized to access the requestedchannel. The group-based communication platform 105 may thus query theuser profile (e.g., stored within a user-specific database shard) forthe user, and the channel settings (e.g., stored within achannel-specific database shard) for the channel to determine whetherthe user is a member of a group having access to the requested channel.Specifically, the group-based communication platform 105 may reviewgroup membership for the user as defined in the user-specific databaseshard and group associations for the channel as defined in thechannel-specific database shard to determine whether the user should begranted access to the channel. In embodiments in which the channelsettings dictate, the group-based communication platform 105 may furthertransmit an authorization request to the administrator of the channel todetermine whether the user should be approved for access to the channel.If the user is authorized to access the channel (e.g., based ongroup-membership and/or based on a received authorization approval froma channel administrator), the user data stored in the user-specificdatabase shard is updated to reflect the new membership in the requestedchannel, and channel data stored in the channel-specific database shardcorresponding to the channel is updated to reflect the newly addedmember. Thereafter, the user (via a client device 101) has access todata exchanged within the channel and/or stored within the channel shardcorresponding to the channel. Data stored with the channel shard may beprovided to the user's client device 101 based on a determination thatthe user is a member of the channel (e.g., as reflected in user datastored in a user-specific database shard and/or as reflected in achannel-members data table).

To remove a user from a channel, an access management request may begenerated at a client device 101 (e.g., a client device 101 associatedwith a channel administrator). The access management request mayidentify the user identifier to be removed from the channel and thecorresponding channel identifier. The access management request may betransmitted to the group-based communication platform 105, which isconfigured to update user data stored in the user-specific databaseshard corresponding to the identified user to reflect the removedmembership in the corresponding channel, and channel data stored in thechannel-specific database shard corresponding to the applicable channelis updated to reflect the newly removed member.

To add a new user to a group (or enterprise), an access managementrequest may be generated at a client device 101 (e.g., the client device101 of the user requesting access to the group; a client device 101associated with user having administrative privileges over the group tobe joined; and/or the like). The access management request may identifythe user identifier requesting access to the group, and the groupidentifier of the requested group. This access management request may betransmitted to the group-based communication platform 105, which isconfigured to determine whether the user is authorized to access therequested group. The group-based communication platform 105 may thusquery the user profile (e.g., stored within a user-specific databaseshard) for the user, and the group-specific policies (e.g., storedwithin a group-specific database shard) for the group to determinewhether the user is a member of an enterprise encompassing the requestedgroup, or whether the user is otherwise authorized to access therequested group (e.g., based on an approval from the groupadministrator). As a specific example, the group-based communicationplatform 105 may review enterprise membership for the user as defined inthe user-specific database shard, and enterprise associations for thegroup as defined in the group-specific database shard to determinewhether the user should be granted access to the group. In embodimentsin which the group-specific policies dictate, the group-basedcommunication platform 105 may further transmit an authorization requestto the administrator of the group to determine whether the user shouldbe approved for access to the group. If the user is authorized to accessthe group (e.g., based on enterprise membership and/or based on areceived authorization approval from a group administrator), the userdata stored in the user-specific database shard is updated to reflectthe new membership in the requested group, and the group-data stored inthe group-specific database shard corresponding to the group is updatedto reflect the newly added member.

To remove a user from a group (or enterprise), an access managementrequest may be generated at a client device 101 (e.g., a client device101 associated with a group administrator). The access managementrequest may identify the user identifier to be removed from the groupand the corresponding group identifier. The access management requestmay be transmitted to the group-based communication platform 105, whichis configured to update user data stored in the user-specific databaseshard corresponding to the identified user to reflect the removedmembership in the corresponding group, and channel data stored in thegroup-specific database shard corresponding to the applicable group isupdated to reflect the newly removed member.

Client Device Interactions

A client device 101 associated with a user (e.g., utilized by the userto access the group-based communication platform 105) may be configuredto provide data regarding various groups, enterprises, and channels forwhich the user is a member.

Data provided from the group-based communication platform 105 to theclient device 101 may be provided via a websocket connection (e.g.,established between the client device 101 and the interface computingentity 109). In certain embodiments, a plurality of websocketconnections may be established between a single client device 101 andthe group-based communication platform 105. Each websocket may beassociated with a particular group (e.g., such that messages exchangedover communication channels associated with a particular group are alltransmitted to the client device 101 via a shared websocket connection),a particular communication channel, and/or the like.

The client device 101 provides data (e.g., messages exchanged over oneor more communication channels) to the user via the communicationchannel interface. The communication channel interface may be embodiedas a group-based (or enterprise-based) user interface, such that allcommunication channels associated with a particular group and that theuser is a member of, are included within a combined user interface. Theclient device 101 may be configured to switch between multiplegroup-based user interfaces in circumstances in which a user is a memberof a plurality of groups.

The group-based user interface may comprise a channel listing of allcommunication channels for which the user is a member of, and whichrelate to the particular group of the user interface. This listing maybe generated based at least in part on data stored within thechannel-members data table (e.g., as shown in FIG. 6) and/or thegroups-channels data table (e.g., as shown in FIG. 9). As displayedwithin the group-based user interface of the client device 101, thechannel listing may be interactive, such that selecting a particularchannel within the channel listing causes the client device 101 todisplay messages exchanged between users within the selected channel.Because data associated with each communication channel may be storedwithin physically distinct database shards, selecting between aplurality of communication channels included within the channel listingcauses the client device 101 to display data retrieved from physicallydifferent database shards stored at the group-based communicationplatform 105. Moreover, the channels listing may be configured todisplay notifications, for example, regarding updates (e.g., newmessages) within a particular communication channel. These notificationsmay be displayed simultaneously. Because the channel listing comprises alisting of channels stored in physically discrete database shards, thegroup-based communication interface may be configured to providenotifications regarding data stored within a plurality of physicallydiscrete database shards simultaneously.

It should be understood that other display configurations may beutilized to provide data to a user via a client device 101. In certainembodiments, the channel listing within a group-based user interface maycomprise one or more channels not associated with the particular group.For example, a user may pin one or more communication channels within alisting of favorite channels, which may include channels associated witha plurality of groups. The client device 101 may be configured toinclude this listing of favorite channels as a portion of a channellisting in a plurality of group-based user interfaces. In suchembodiments, the channel listing may provide a visual distinctionbetween channels associated with different groups (e.g., the textualrepresentation of each channel within the channel listing may bedisplayed in a group-specific color; each channel may have an associatedgroup-specific icon/symbol, and/or the like).

The group-based communication interface may further comprise a messagedisplay portion configured to provide a listing of messages (e.g., inchronological order, by threads, and/or the like) exchanged within aselected communication channel. This message display portion may bedisplayed as a separate pane within the group-based communicationinterface adjacent to a channel listing pane (each of these panes may beindependently navigable, such as being independently scrollable).

Messages displayed within the message display portion for a particularcommunication channel may be those messages stored within the specificdatabase shard storage area for the communication channel. Thus,messages displayed within the message display portion are retrieved(e.g., by message distribution servers 107A-107N) from the databaseshard corresponding to the particular communication channel, and arepassed to the client device 101 (e.g., via the websocket connectionestablished between the client device 101 and the interface computingentity 109).

Similarly, messages generated at the client device 101 for disseminationto other members of a communication channel are transmitted from theclient device 101 to the group-based communication platform 105 (e.g.,via a websocket connection established between the client device 101 andthe interface computing entity 109). As discussed above, those messagesmay be transmitted with metadata indicative of the channel in which themessage was transmitted. Once received at the message distributionservers 107A-107N (e.g., after being passed from the interface computingentity 109 to the message distribution servers 107A-107N), the messagedistribution servers 107A-107N identify the communication channel inwhich the message was sent, lookup the corresponding database shard forthe communication channel from the one or more data tables, and storethe message within the corresponding database shard. Moreover, themessage distribution servers 107A-107N may additionally look up theother members of the communication channel within the data tables, andmay disseminate the message to client devices 101A-101N associated withthose other channel members (e.g., for display within group-basedcommunication interfaces of those other client devices 101A-101N.

CONCLUSION

Many modifications and other embodiments will come to mind to oneskilled in the art to which this disclosure pertains having the benefitof the teachings presented in the foregoing descriptions and theassociated drawings. Therefore, it is to be understood that thedisclosure is not to be limited to the specific embodiments disclosedand that modifications and other embodiments are intended to be includedwithin the scope of the appended claims. Although specific terms areemployed herein, they are used in a generic and descriptive sense onlyand not for purposes of limitation.

That which is claimed:
 1. A group-based data storage system accessibleby a plurality of client devices, the group-based data storage systemcomprising: a plurality of discrete physical database storage deviceseach defining a database, wherein each of the plurality of discretephysical database storage devices encompass at least one non-transitorycomputer-readable storage medium, and wherein each database is shardedinto a plurality of data shards collectively comprising:channel-specific shards each having an associated channel identifier;group-specific shards each having an associated group identifier; anduser-specific shards each having an associated user identifier; and aremote computing platform comprising at least a processor and a memoryhaving computer coded instructions therein, and wherein, when executedby the processor, the computer coded instructions cause the processor tocorrelate each channel identifier with one or more group identifiers andshard the plurality of discrete physical database storage devices togenerate new data shards of the plurality of data shards by: receiving achannel creation request from a client device associated with a givenuser identifier; generating a new channel-specific shard within one ofthe plurality of discrete physical database storage devicescorresponding to the channel creation request; populating the newchannel-specific shard with linking data linking the newchannel-specific shard with one or more linked group-specific shards ofthe one or more group-specific shards and one or more linkeduser-specific shards of the one or more user-specific shards; andpopulating the one or more linked group-specific shards and the one ormore linked user-specific shards with data identifying the newchannel-specific shard; and wherein the computer coded instructions ofthe remote computing platform further cause the processor to controlaccess to each of the plurality of channel-specific shards based atleast in part on linking data associated with each channel-specificshard, channel membership, and group membership by: receiving an accessrequest from the client device to access data stored on one or morechannel-specific shards; determining channel membership and groupmembership for the client device; providing the client device withaccess to data stored in one or more channel-specific shards havingassociated channel identifiers and group identifiers matching thedetermined channel membership and group membership for the clientdevice.
 2. The group-based data storage system of claim 1, wherein theone or more linked group-specific shards are linked with a plurality ofchannel-specific shards stored on a plurality of discrete physicaldatabase storage devices.
 3. The group-based data storage system ofclaim 2, wherein: the group-specific shards comprise firstgroup-specific shards each corresponding to an enterprise group andsecond group-specific shards each corresponding to a subgroup; each ofthe second group-specific shards comprise hierarchy data comprising agroup identifier corresponding to one of the first group-specificshards; and the linking data links the new shard with one or more of thesecond group-specific shards.
 4. The group-based data storage system ofclaim 3, wherein each of the first group-specific shards comprise dataindicative of enterprise channel creation parameters, and wherein thecomputer coded instructions of the remote computing platform furthercause the processor to populate the new shard with data indicative ofone or more of the enterprise channel creation parameters.
 5. Thegroup-based data storage system of claim 1, wherein the computer codedinstructions of the remote computing platform enforce access control tothe new shard by: enforcing a first access level for users based on thelinked group-specific shards; and enforcing a second access level forusers based on the linked user-specific shards.
 6. The group-based datastorage system of claim 5, wherein each of the one or more linkedgroup-specific shards identifies user-specific shards corresponding tomembers of the group-specific shard, and wherein the first access levelenables members of the one or more linked group-specific shards to viewidentifying data corresponding to the new shard.
 7. The group-based datastorage system of claim 5, wherein the second access level enables usersassociated with each of the one or more linked user-specific shards toaccess contents of the new shard.
 8. The group-based data storage systemof claim 1, wherein the remote computing platform is embodied as agroup-based communication platform for message exchange between theplurality of client devices.
 9. A computer program product for managinga group-based storage system accessible via a plurality of clientdevices, the computer program product comprising at least onenon-transitory computer-readable storage medium having computer-readableprogram code portions stored therein, the computer-readable program codeportions comprising an executable portion, wherein when executed by aprocessor the executable portion causes the processor to: shard aplurality of databases defined by discrete physical database storagedevices into a plurality of data shards comprising: channel-specificshards each having an associated channel identifier; group-specificshards each having an associated group identifier; and user-specificshards each having an associated user identifier; wherein sharding theplurality of discrete physical database storage devices comprises:receiving a channel creation request from a client device associatedwith a given user identifier; generating a new channel-specific shardwithin one of the plurality of discrete physical database storagedevices corresponding to the channel creation request; populating thenew channel-specific shard with linking data linking the newchannel-specific shard with one or more linked group-specific shards ofthe one or more group-specific shards and one or more linkeduser-specific shards of the one or more user-specific shards; andpopulating the one or more linked group-specific shards and the one ormore linked user-specific shards with data identifying the new shard;correlate each channel identifier with one or more group identifiers;and control access to each of the plurality of channel-specific shardsbased at least in part on linking data associated with eachchannel-specific shard, channel membership, and group membership by:receiving an access request from the client device to access data storedon one or more channel-specific shards; determining channel membershipand group membership for the client device; providing the client devicewith access to data stored in one or more channel-specific shards havingassociated channel identifiers and group identifiers matching thedetermined channel membership and group membership for the clientdevice.
 10. The computer program product of claim 9, wherein the one ormore linked group-specific shards are linked with a plurality ofchannel-specific shards stored on a plurality of discrete physicaldatabase storage devices.
 11. The computer program product of claim 10,wherein: the group-specific shards comprise first group-specific shardseach corresponding to an enterprise group and second group-specificshards each corresponding to a subgroup; each of the secondgroup-specific shards comprise hierarchy data comprising a groupidentifier corresponding to one of the first group-specific shards; andthe linking data links the new shard with one or more of the secondgroup-specific shards.
 12. The group-based data storage system of claim11, wherein each of the first group-specific shards comprise dataindicative of enterprise channel creation parameters, and whereinsharding the plurality of discrete physical database storage devicesfurther comprises populating the new shard with data indicative of oneor more of the enterprise channel creation parameters.
 13. The computerprogram product of claim 9, wherein the computer-readable program codeportions comprising an executable portion enforce access control to thenew shard by: enforcing a first access level for users based on thelinked group-specific shards; and enforcing a second access level forusers based on the linked user-specific shards.
 14. The computer programproduct of claim 13, wherein each of the one or more linkedgroup-specific shards identifies user-specific shards corresponding tomembers of the group-specific shard, and wherein the first access levelenables members of the one or more linked group-specific shards to viewidentifying data corresponding to the new shard.
 15. The computerprogram product of claim 13, wherein the second access level enablesusers associated with each of the one or more linked user-specificshards to access contents of the new shard.
 16. A group-based datastorage system accessible by a plurality of client devices, thegroup-based data storage system comprising: a plurality of discretephysical database storage devices each defining a database, wherein eachof the plurality of discrete physical database storage devices encompassat least one non-transitory computer-readable storage medium, andwherein each database is sharded into a plurality of data shardscollectively comprising: a plurality of channel shards each having anassociated channel identifier of a plurality of channel identifiers andeach storing data exchanged between client devices in association withthe channel identifier and each storing channel settings in associationwith a corresponding channel identifier and identifying one or moregroup identifiers associated with the corresponding channel identifier;a plurality of group shards each corresponding to a single groupidentifier, wherein each group shard of the plurality of group shardsstores data indicative of channel creation authorization for newchannels associated with the group shard and stores group policies forthe single group identifier; and a plurality of user shards each havingan associated user identifier of a plurality of user identifiers andeach user shard identifying channel membership and group membership forthe associated user identifier; and a remote computing platformcomprising at least a processor and a memory having computer codedinstructions therein, and wherein, when executed by the processor, thecomputer coded instructions cause the processor to: control channelcreation authorization for new channel shards requested by a clientdevice associated with a particular user identifier of the plurality ofuser identifiers based at least in part on a group shard of theplurality of group shards corresponding with the particular useridentifier; and maintain compliance of channel settings associated withnew channels relative to group policies associated with groupidentifiers that are associated with corresponding channel identifiers.17. The group-based data storage system of claim 16, wherein dataindicative of channel creation authorization stored within each groupshard comprises data indicative of one or more user identifiersauthorized for channel creation.
 18. The group-based data storage systemof claim 16, wherein the plurality of group shards comprises a pluralityof first group shards relating to enterprise groups, and a plurality ofsecond group shards relating to subgroups; and wherein: each of thesecond group shards comprises enterprise data identifying a groupidentifier corresponding to one of the first group shards relating to anassociated enterprise group; and wherein data indicative of channelcreation authorization for new channels associated with each of thesecond group shards at least partially matches data indicative ofchannel creation authorization for new channels associated with the oneof the first group shards relating to the associated enterprise group.19. A computer program product for managing a group-based storage systemaccessible via a plurality of client devices, the computer programproduct comprising at least one non-transitory computer-readable storagemedium having computer-readable program code portions stored therein,the computer-readable program code portions comprising an executableportion, wherein when executed by a processor the executable portioncauses the processor to: shard a plurality of databases defined bydiscrete physical database storage devices into a plurality of datashards comprising: a plurality of channel shards each having anassociated channel identifier of a plurality of channel identifiers andeach storing data exchanged between client devices in association withthe channel identifier and each storing channel settings in associationwith a corresponding channel identifier and identifying one or moregroup identifiers associated with the corresponding channel identifier;a plurality of group shards each corresponding to a single groupidentifier, wherein each group shard of the plurality of group shardsstores data indicative of channel creation authorization for newchannels associated with the group shard and stores group policies forthe single group identifier; and a plurality of user shards each havingan associated user identifier of a plurality of user identifiers andeach user shard identifying channel membership and group membership forthe associated user identifier; control channel creation authorizationfor new channel shards requested by a client device associated with aparticular user identifier of the plurality of user identifiers based atleast in part on a group shard of the plurality of group shardscorresponding with the particular user identifier; and maintaincompliance of channel settings associated with new channels relative togroup policies associated with group identifiers that are associatedwith corresponding channel identifiers.
 20. The computer program productof claim 19, wherein data indicative of channel creation authorizationstored within each group shard comprises data indicative of one or moreuser identifiers authorized for channel creation.
 21. The computerprogram product of claim 19, wherein the plurality of group shardscomprises a plurality of first group shards relating to enterprisegroups, and a plurality of second group shards relating to subgroups;and wherein: each of the second group shards comprises enterprise dataidentifying a group identifier corresponding to one of the first groupshards relating to an associated enterprise group; and wherein dataindicative of channel creation authorization for new channels associatedwith each of the second group shards at least partially matches dataindicative of channel creation authorization for new channels associatedwith the one of the first group shards relating to the associatedenterprise group.